Skip to content

Enable vulnerability scanning with Trivy #311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
cruizen wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

Enable vulnerability scanning with Trivy #311

cruizen wants to merge 2 commits into from

Conversation

@cruizen
Copy link
Contributor

@cruizen cruizen commented Jun 14, 2022
edited
Loading

Create trivy.yml GitHub action to enable license scan with Trivy

ISSUE(S):

SUMMARY

ISSUE TYPE

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that may cause existing functionality to not work as expected)
  • This change requires a documentation update

TESTING DONE

Manual

License check is performed as part of this PR build

Reviewers

/cc @anupbarve, @AnirudhPokala, @devidask27

@cruizen
Create trivy.yml
3134af1 
Enable license scan with Trivy
@cruizen cruizen marked this pull request as draft June 14, 2022 14:17
@cruizen cruizen changed the title Create trivy.yml Enable vulnerability scanning with Trivy Jun 14, 2022
@cruizen cruizen marked this pull request as ready for review January 27, 2023 09:26
@cruizen cruizen marked this pull request as draft January 27, 2023 09:31
@cruizen
Copy link
Contributor Author

cruizen commented Jan 27, 2023

TODO: This will need a Dockerfile.

@cruizen cruizen requested review from a team and gauravgavhane05 March 13, 2024 08:44
@cruizen cruizen requested review from NeelavaChatterjee and mridulgain and removed request for devidask27 February 26, 2025 08:25
NeelavaChatterjee
NeelavaChatterjee reviewed Feb 27, 2025
View reviewed changes
.github/workflows/trivy.yml
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Build
runs-on: "ubuntu-18.04"
Copy link

@NeelavaChatterjee NeelavaChatterjee Feb 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there a requirement for this to be u18 can we use a higher one like u24?

NeelavaChatterjee
NeelavaChatterjee reviewed Feb 27, 2025
View reviewed changes
.github/workflows/trivy.yml
# The branches below must be a subset of the branches above
branches: [ "master" ]
schedule:
- cron: '31 6 * * 3'
Copy link

@NeelavaChatterjee NeelavaChatterjee Feb 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be 6:31 every Wed, so does it need to be every week? We are already doing it one during PRs so maybe once a month would suffice?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NeelavaChatterjee NeelavaChatterjee NeelavaChatterjee left review comments

@AnirudhPokala AnirudhPokala Awaiting requested review from AnirudhPokala

@gauravgavhane05 gauravgavhane05 Awaiting requested review from gauravgavhane05

@mridulgain mridulgain Awaiting requested review from mridulgain

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cruizen @NeelavaChatterjee