test(e2e): debug e2e-tests, don't merge!

.github/workflows/ci.yml

@@ -85,10 +85,10 @@ jobs:
     needs: test
     runs-on: ubuntu-latest
     steps:
-      - name: Harden Runner
-        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
-        with:
-          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+#      - name: Harden Runner
+#        uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 # v2.1.0
+#        with:
+#          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
       - uses: AbsaOSS/k3d-action@4e8b3239042be1dc0aed6c5eb80c13b18200fc79 # v2.4.0

config/trivy-server/kustomization.yaml

@@ -14,6 +14,6 @@ configMapGenerator:
     literals:
       - LISTEN=0.0.0.0:4954
       - CACHE_DIR=/home/scanner/.cache/trivy
-      - DEBUG=false
+      - DEBUG=true
       - SKIP_UPDATE=false
       - DB_REPOSITORY=ghcr.io/aquasecurity/trivy-db

internal/controller/stas/testdata/scan-job/expected-scan-job.yaml

@@ -63,7 +63,7 @@ spec:
               value: /tmp
             - name: TRIVY_SERVER
               value: http://trivy.image-scanner.svc.cluster.local
-            - name: TRIVY_QUIET
+            - name: TRIVY_DEBUG
               value: "true"
             - name: TRIVY_FORMAT
               value: template

internal/trivy/scan_job.go

@@ -192,7 +192,7 @@ func (f *filesystemScanJobBuilder) container(spec stasv1alpha1.ContainerImageSca
 		{Name: "TRIVY_SECURITY_CHECKS", Value: "vuln"},
 		{Name: "TRIVY_CACHE_DIR", Value: TempVolumeMountPath},
 		{Name: "TRIVY_SERVER", Value: f.TrivyServer},
-		{Name: "TRIVY_QUIET", Value: "true"},
+		{Name: "TRIVY_DEBUG", Value: "true"},
 		{Name: "TRIVY_FORMAT", Value: "template"},
 		{Name: "TRIVY_TEMPLATE", Value: reportTemplate},
 		{Name: "TRIVY_TIMEOUT", Value: ScanJobTimeout.String()},

test/e2e-config/kuttl-test.yaml

@@ -5,6 +5,6 @@ metadata:
   name: default
 testDirs:
   - test/e2e/scenario
-  - test/e2e/workload-scan
+#  - test/e2e/workload-scan
 timeout: 240
 reportFormat: xml

test/e2e/scenario/vulnerability-overflow/00-assert.yaml

@@ -18,6 +18,14 @@ collectors:
     command: df -h
   - type: events
     namespace: image-scanner-jobs
+  - type: command
+    command: kubectl get pods -n image-scanner-jobs
+  - type: command
+    command: kubectl get jobs -n image-scanner-jobs
+  - type: pod
+    namespace: image-scanner-jobs
+    selector: workload.statnett.no/name=vuln-app
+    tail: -1
   - type: pod
     namespace: image-scanner
     pod: trivy-0