Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RESOPS-133 Add Trivy repo scan #396

Open
wants to merge 9 commits into
base: master
Choose a base branch
from

Conversation

TobySMurray
Copy link
Contributor

Description

Adds more security scanning.

Closes #133

How to Test

push to branch, workflow will run

Checklist

  • The code includes tests if relevant
  • I have actually self-reviewed my changes and done QA

@TobySMurray TobySMurray requested a review from a team as a code owner July 13, 2024 20:09
@TobySMurray TobySMurray linked an issue Jul 13, 2024 that may be closed by this pull request
Copy link
Member

@MNThomson MNThomson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's create a new job for each service (so backend, algo, frontend) in their respective CI workflow files that scans the built docker container (not the repo filesystem)

@TobySMurray
Copy link
Contributor Author

Let's create a new job for each service (so backend, algo, frontend) in their respective CI workflow files that scans the built docker container (not the repo filesystem)

Did this but not sure how to provide it our images

.github/workflows/backend.yml Outdated Show resolved Hide resolved
.github/workflows/backend.yml Outdated Show resolved Hide resolved
.github/workflows/backend.yml Outdated Show resolved Hide resolved
.github/workflows/algorithm.yml Show resolved Hide resolved
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: 'search', 'recommend'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not valid YAML

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Docker image scanning
2 participants