anchore cli

[arunvel1988]

Changes

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you review them:

• [ ] Follows the authoring recommendations
• [ ] Includes docs (if user facing)
• [ ] Includes tests (if functionality of task changed or new task added)
• [ ] Commit messages follow commit message best practices
• [ ] Complies with Catalog Organization TEP, see example. Note An issue has been filed to automate this validation

  • [ ] File path follows <kind>/<name>/<version>/name.yaml

  • [ ] Has README.md at <kind>/<name>/<version>/README.md

  • [ ] Has mandatory metadata.labels - app.kubernetes.io/version the same as the <version> of the resource

  • [ ] Has mandatory metadata.annotations tekton.dev/pipelines.minVersion

  • [ ] mandatory spec.description follows the convention

      ```
    
      spec:
        description: >-
          one line summary of the resource
    
          Paragraph(s) to describe the resource.
      ```
    

See the contribution guide for more details.

---

[linux-foundation-easycla[bot]]

• :white_check_mark: login: arunvel1988 / name: Arunvel Arunachalam (95c4f5026f58c6572bd9bea9a5ad89faafa69ab8)
• :x: The commit (c6cc4cb3bb3401592bb33e43e21ea653ce9859dc). This user is missing the User's ID, preventing the EasyCLA check. Consult GitHub Help to resolve.For further assistance with EasyCLA, please submit a support request ticket.

[tekton-robot]

Hi @arunvel1988. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tekton-robot]

Catlin Output

FILE: task/anchore-cli/0.1/secret.yaml

Catlin script lint Output

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In anchore-cli-anchore-cli line 2:
export ANCHORE_CLI_URL=$(params.ANCHORE_CLI_URL)
       ^-------------^ SC2155: Declare and assign separately to avoid masking return values.


In anchore-cli-anchore-cli line 3:
anchore-cli image add $(params.IMAGE_NAME) > /dev/null 2>&1
                      ^------------------^ SC2046: Quote this to prevent word splitting.


In anchore-cli-anchore-cli line 4:
anchore-cli image vuln $(params.IMAGE_NAME) > /dev/null 2>&1
                       ^------------------^ SC2046: Quote this to prevent word splitting.


In anchore-cli-anchore-cli line 5:
status=`anchore-cli evaluate check $(params.IMAGE_NAME)`
       ^-- SC2006: Use $(...) notation instead of legacy backticked `...`.
                                   ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
status=$(anchore-cli evaluate check $(params.IMAGE_NAME))


In anchore-cli-anchore-cli line 6:
if echo $status | grep  -q 'fail'; then
        ^-----^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
if echo "$status" | grep  -q 'fail'; then

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

[arunvel1988]

@vdemeester any updates? I have already completed easycla

[tekton-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: To complete the pull request process, please assign vdemeester after the PR has been reviewed. You can assign the PR to them by writing /assign @vdemeester in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

[tekton-robot]

Catlin Output

FILE: task/anchore-cli/0.1/anchore-cli.yaml
WARN : Step "anchore-cli" uses image "$(params.ANCHORE_CLI_IMAGE)" that contains variables; skipping validation
FILE: task/anchore-cli/0.1/secret.yaml

Catlin script lint Output

ERROR: /usr/bin/shellcheck, [-s sh] failed:

In anchore-cli-anchore-cli line 2:
export ANCHORE_CLI_URL=$(params.ANCHORE_CLI_URL)
       ^-------------^ SC2155: Declare and assign separately to avoid masking return values.


In anchore-cli-anchore-cli line 3:
anchore-cli image add $(params.IMAGE_NAME) > /dev/null 2>&1
                      ^------------------^ SC2046: Quote this to prevent word splitting.


In anchore-cli-anchore-cli line 4:
anchore-cli image vuln $(params.IMAGE_NAME) > /dev/null 2>&1
                       ^------------------^ SC2046: Quote this to prevent word splitting.


In anchore-cli-anchore-cli line 5:
status=`anchore-cli evaluate check $(params.IMAGE_NAME)`
       ^-- SC2006: Use $(...) notation instead of legacy backticked `...`.
                                   ^------------------^ SC2046: Quote this to prevent word splitting.

Did you mean: 
status=$(anchore-cli evaluate check $(params.IMAGE_NAME))


In anchore-cli-anchore-cli line 6:
if echo $status | grep  -q 'fail'; then
        ^-----^ SC2086: Double quote to prevent globbing and word splitting.

Did you mean: 
if echo "$status" | grep  -q 'fail'; then

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...
  https://www.shellcheck.net/wiki/SC2155 -- Declare and assign separately to ...
  https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...

[tekton-robot]

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale with a justification. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

[tekton-robot]

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten with a justification. Rotten issues close after an additional 30d of inactivity. If this issue is safe to close now please do so with /close with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle rotten

Send feedback to tektoncd/plumbing.

[tekton-robot]

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen with a justification. Mark the issue as fresh with /remove-lifecycle rotten with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/close

Send feedback to tektoncd/plumbing.

[tekton-robot]

@tekton-robot: Closed this PR.

In response to this:

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen with a justification. Mark the issue as fresh with /remove-lifecycle rotten with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/close

Send feedback to tektoncd/plumbing.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.