ceph-container

add trivy scanner github action to report vulnerabilities.

Open humblec opened this issue 3 years ago • 2 comments

This adds a trivy scanner test to report vulnerabilities.

Signed-off-by: Humble Chirammal [email protected]

humblec, Nov 15 '22 10:11

Thanks @guits! Looks like now we have the vulnerabilities reported on the base image here https://github.com/ceph/ceph-container/actions/runs/3470012183/jobs/5797688534

humblec, Nov 15 '22 13:11

I don't think the Trivy check failing the pipelines will work - Trivy currently checks for RHEL vulnerabilities and still finds some issues even with the latest CentOS Stream images currently. (possibly divergence of versioning?) (It might be useful to have it show up as warnings instead though)

mohag, Feb 09 '23 07:02

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in two weeks if no further activity occurs. Thank you for your contributions.

github-actions[bot], Apr 10 '24 20:04

This pull request has been automatically closed due to inactivity. Please re-open if these changes are still required.

github-actions[bot], Apr 25 '24 20:04