
chore: update dependencies, authenticate docker hub

Open tricky42 opened this issue 1 year ago • 2 comments

This pull request includes several updates to the .github/workflows/cve-scan.yaml file to enhance the security scanning process and update dependencies.

Workflow Enhancements:

  • Added workflow_dispatch to allow manual triggering of the workflow.
  • Added permissions to specify read access to contents and write access to security events.

Dependency Updates:

  • Updated actions/checkout from v3 to v4.
  • Updated docker/setup-qemu-action from v2 to v3.
  • Updated docker/setup-buildx-action from v2 to v3.
  • Updated anchore/scan-action from v3 to v5.
  • Updated github/codeql-action/upload-sarif from v2 to v3.
  • Updated erzz/dockle-action from v1.3.2 to v1.

Configuration Changes:

  • Added steps to log in to GitHub Container Registry and configure Trivy for enhanced security scanning.
  • Unified the image name definition to use the IMAGE_NAME environment variable across all steps.
  • Added environment variables to Trivy configuration to skip Java DB updates and disable VEX notices.

tricky42 avatar Nov 09 '24 09:11 tricky42
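As an added illustration (not the PR's own diff), the workflow below reconstructs the changes listed above in one cve-scan.yaml: manual trigger, least-privilege permissions, a single IMAGE_NAME, a GHCR login before pulling, and the two Trivy environment variables. The IMAGE_NAME value, the cron schedule and the trivy-action ref are assumptions.

```yaml
name: CVE scan
on:
  schedule:
    - cron: "0 3 * * *"        # assumed schedule
  workflow_dispatch:           # manual trigger added by the PR
permissions:
  contents: read               # the scan only reads the repository
  security-events: write       # required to upload SARIF to code scanning
env:
  IMAGE_NAME: oryd/hydra:latest   # assumed tag; defined once, reused by every step
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-qemu-action@v3
      - uses: docker/setup-buildx-action@v3
      # Authenticated pulls avoid anonymous rate limits; only GITHUB_TOKEN is needed.
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Grype scan
        id: grype
        uses: anchore/scan-action@v5
        with:
          image: ${{ env.IMAGE_NAME }}
          fail-build: false
          output-format: sarif
      - name: Upload Grype SARIF
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.grype.outputs.sarif }}
      - name: Trivy scan
        uses: aquasecurity/trivy-action@master   # assumed ref; pin to a release in practice
        env:
          TRIVY_SKIP_JAVA_DB_UPDATE: "true"   # no Java DB download for a Go image
          TRIVY_DISABLE_VEX_NOTICE: "true"    # silence the VEX notice in the logs
        with:
          image-ref: ${{ env.IMAGE_NAME }}
          format: sarif
          output: trivy.sarif
      - name: Dockle lint
        uses: erzz/dockle-action@v1
        with:
          image: ${{ env.IMAGE_NAME }}
```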

If there are no inconsistencies (like in the Hydra image tag case), this script version should work in all OpenSource repos for our services (Kratos, Oathkeeper, Keto, Hydra). I will check this; then, we could place it in ory/meta and sync it, or?

tricky42 avatar Nov 09 '24 17:11 tricky42

I will check this; then, we could place it in ory/meta and sync it, or?

absolutely

aeneasr avatar Nov 11 '24 10:11 aeneasr