-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RESOPS-133 Add Trivy repo scan #396
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's create a new job for each service (so backend, algo, frontend) in their respective CI workflow files that scans the built docker container (not the repo filesystem)
Did this but not sure how to provide it our images |
.github/workflows/algorithm.yml
Outdated
- name: Run Trivy vulnerability scanner | ||
uses: aquasecurity/[email protected] | ||
with: | ||
image-ref: 'search', 'recommend' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not valid YAML
Co-authored-by: Max Thomson <[email protected]>
Co-authored-by: Max Thomson <[email protected]>
Co-authored-by: Max Thomson <[email protected]>
Co-authored-by: Max Thomson <[email protected]>
Description
Adds more security scanning.
Closes #133
How to Test
push to branch, workflow will run
Checklist