aquasecurity · simar7 · Aug 30, 2024 · Aug 28, 2024 · Aug 29, 2024 · Aug 29, 2024
@@ -25,7 +25,7 @@ require (
 	github.com/aquasecurity/table v1.8.0
 	github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8
 	github.com/aquasecurity/tml v0.6.1
-	github.com/aquasecurity/trivy-checks v0.13.1-0.20240809030752-558fcff75807
+	github.com/aquasecurity/trivy-checks v0.13.1-0.20240828192740-fb12f73814ce
 	github.com/aquasecurity/trivy-db v0.0.0-20240718084044-d23a6ca8ba04
 	github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48
 	github.com/aquasecurity/trivy-kubernetes v0.6.7-0.20240707095038-0300bc49b68b

@@ -348,8 +348,8 @@ github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8 h1:b43UVqY
 github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8/go.mod h1:wXA9k3uuaxY3yu7gxrxZDPo/04FEMJtwyecdAlYrEIo=
 github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo=
 github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY=
-github.com/aquasecurity/trivy-checks v0.13.1-0.20240809030752-558fcff75807 h1:yw2INXrbfekt1yHDQAlNZlHIUZQXMcSS+mWI9XWJUN0=
-github.com/aquasecurity/trivy-checks v0.13.1-0.20240809030752-558fcff75807/go.mod h1:Xec/SMVGV66I7RgUqOX9MEr+YxBqHXDVLTYmpspPi3E=
+github.com/aquasecurity/trivy-checks v0.13.1-0.20240828192740-fb12f73814ce h1:oE+JfRmPR0Mn/hxUZi+ib+r16upsn439Y4TqcC1/8k0=
+github.com/aquasecurity/trivy-checks v0.13.1-0.20240828192740-fb12f73814ce/go.mod h1:zLBeXaTJkAvPZqKiRACAsP49ZywCEXFEjXMLa8kmc8Q=
 github.com/aquasecurity/trivy-db v0.0.0-20240718084044-d23a6ca8ba04 h1:6/T8sFdNVG/AwOGoK6X55h7hF7LYqK8bsuPz8iEz8jM=
 github.com/aquasecurity/trivy-db v0.0.0-20240718084044-d23a6ca8ba04/go.mod h1:0T6oy2t1Iedt+yi3Ml5cpOYp5FZT4MI1/mx+3p+PIs8=
 github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 h1:JVgBIuIYbwG+ekC5lUHUpGJboPYiCcxiz06RCtz8neI=

@@ -10,7 +10,6 @@ import (
 
 	"github.com/aquasecurity/trivy/internal/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/framework"
-	"github.com/aquasecurity/trivy/pkg/iac/rego"
 	"github.com/aquasecurity/trivy/pkg/iac/rego/schemas"
 	"github.com/aquasecurity/trivy/pkg/iac/scan"
 	"github.com/aquasecurity/trivy/pkg/iac/scanners/options"
@@ -553,27 +552,23 @@ res := true
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			regoMap := make(map[string]string)
-			libs, err := rego.LoadEmbeddedLibraries()
-			require.NoError(t, err)
-			for name, library := range libs {
-				regoMap["/rules/"+name] = library.String()
-			}
-			regoMap["/code/Dockerfile"] = `FROM golang:1.7.3 as dep
+			fsysMap := make(map[string]string)
+			fsysMap["/code/Dockerfile"] = `FROM golang:1.7.3 as dep
 COPY --from=dep /binary /`
-			regoMap["/rules/rule.rego"] = tc.inputRegoPolicy
-			regoMap["/rules/schemas/myfancydockerfile.json"] = string(schemas.Dockerfile) // just use the same for testing
-			fs := testutil.CreateFS(t, regoMap)
+			fsysMap["/rules/rule.rego"] = tc.inputRegoPolicy
+			fsysMap["/rules/schemas/myfancydockerfile.json"] = string(schemas.Dockerfile) // just use the same for testing
+			fsys := testutil.CreateFS(t, fsysMap)
 
 			var traceBuf bytes.Buffer
 
 			scanner := NewScanner(
 				options.ScannerWithPolicyDirs("rules"),
+				options.ScannerWithEmbeddedLibraries(true),
 				options.ScannerWithTrace(&traceBuf),
 				options.ScannerWithRegoErrorLimits(0),
 			)
 
-			results, err := scanner.ScanFS(context.TODO(), fs, "code")
+			results, err := scanner.ScanFS(context.TODO(), fsys, "code")
 			if tc.expectedError != "" && err != nil {
 				require.Equal(t, tc.expectedError, err.Error(), tc.name)
 			} else {