Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Terraform projects: Transition from tfsec to trivy #3753

Closed
13 tasks done
dduportal opened this issue Sep 17, 2023 · 1 comment
Closed
13 tasks done

Terraform projects: Transition from tfsec to trivy #3753

dduportal opened this issue Sep 17, 2023 · 1 comment
Assignees
@dduportal
Labels
packer terraform
Milestone
infra-team-sync-2...

Comments

@dduportal
Copy link
Contributor

dduportal commented Sep 17, 2023
edited
Loading

As per https://github.com/aquasecurity/tfsec, Aqua Security is transitioning their development effort from tfsec to trivy and recommend users to do the same.

recent 1.28.3 version of tfsec starts showing a message about this.

we should evaluate this change.

(edit)

Todo list:
@dduportal dduportal changed the title Terraform projects: Transition from trsec to tricy Terraform projects: Transition from trsec to trivy Sep 17, 2023
@lemeurherve lemeurherve added the triage Incoming issues that need review label Sep 18, 2023
@dduportal dduportal added this to the infra-team-sync-2023-09-26 milestone Sep 20, 2023
@dduportal dduportal self-assigned this Sep 21, 2023
@dduportal dduportal removed the triage Incoming issues that need review label Sep 21, 2023
@dduportal dduportal mentioned this issue Sep 21, 2023
Merged
@dduportal dduportal changed the title Terraform projects: Transition from trsec to trivy Terraform projects: Transition from tfsec to trivy Sep 21, 2023
@dduportal dduportal mentioned this issue Sep 21, 2023
Merged
dduportal added a commit to jenkins-infra/shared-tools that referenced this issue Sep 23, 2023
@dduportal
feat(terraform) use trivy for static validation or fallback to tfsec
ca29f28 
Ref. jenkins-infra/helpdesk#3753

Signed-off-by: Damien Duportal <[email protected]>
dduportal added a commit to jenkins-infra/shared-tools that referenced this issue Sep 23, 2023
@dduportal
feat(terraform) use trivy for static validation or fallback to tfsec
71277d0 
Ref. jenkins-infra/helpdesk#3753

Signed-off-by: Damien Duportal <[email protected]>
@dduportal dduportal mentioned this issue Sep 23, 2023
Merged
dduportal added a commit to jenkins-infra/shared-tools that referenced this issue Sep 23, 2023
@jenkins-infra-updatecli @dduportal @jenkins-infra-bot
Bump hashicorp-tools docker image version to 1.0.12 (#120)
d93673c 
* feat(terraform) use trivy for static validation or fallback to tfsec

Ref. jenkins-infra/helpdesk#3753

Signed-off-by: Damien Duportal <[email protected]>

* chore: Update Jenkinsfile in groovy code

Made with ❤️️ by updatecli

---------

Signed-off-by: Damien Duportal <[email protected]>
Co-authored-by: Damien Duportal <[email protected]>
Co-authored-by: Jenkins Infra Bot (updatecli) <[email protected]>
dduportal added a commit to jenkins-infra/shared-tools that referenced this issue Sep 23, 2023
@dduportal
docs(README) update references of tfsec to trivy
35396e4 
Ref. jenkins-infra/helpdesk#3753
This was referenced Sep 23, 2023
Merged
Merged
Merged
dduportal added a commit to jenkins-infra/azure that referenced this issue Sep 23, 2023
@dduportal
chore: migrate from tfsec to trivy (#478)
a29412d 
Related to jenkins-infra/helpdesk#3753

Signed-off-by: Damien Duportal <[email protected]>
This was referenced Sep 23, 2023
Merged
Merged
Merged
Merged
Merged
This was referenced Sep 28, 2023
Merged
Merged
dduportal added a commit to jenkins-infra/shared-tools that referenced this issue Oct 3, 2023
@dduportal
cleanup(terraform) remove tfsec from Makefile
67740a8 
Ref. jenkins-infra/helpdesk#3753
@dduportal
Copy link
Contributor Author

Closing as tfsec is not used in the infra (favored trivy)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dduportal dduportal

Labels
packer terraform
Projects
None yet
Milestone
infra-team-sync-2023-10-03
Development

No branches or pull requests
2 participants
@dduportal @lemeurherve