aries-cloudagent-python icon indicating copy to clipboard operation
aries-cloudagent-python copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Snyk container scanning not running on PR

Open pradeepp88 opened this issue 1 year ago • 6 comments

https://github.com/hyperledger/aries-cloudagent-python/blob/f9d9baded73e49bb796ded1ed9f327dd98ce1c14/.github/workflows/snyk.yml#L1C1-L7C15

Opening this issue to review the Snyk container scan not being run on every PR as configured.

pradeepp88 avatar May 01 '24 21:05 pradeepp88

@swcurran / @WadeBarnes - can you please check the Snyk account to see if the scans are running there? The Github action shows the last container ran 5 months ago. image

pradeepp88 avatar May 02 '24 13:05 pradeepp88

It does appear to be running: image

WadeBarnes avatar May 02 '24 13:05 WadeBarnes

@WadeBarnes thanks for checking. So it is an integration issue with Github to view the results.

Is there a public link to view the Snyk scanning results directly from there?

pradeepp88 avatar May 02 '24 15:05 pradeepp88

@pradeepp88, Submitted a PR here that should fix the Sync Container scanning issues; https://github.com/hyperledger/aries-cloudagent-python/pull/2951

WadeBarnes avatar May 15 '24 14:05 WadeBarnes

Thanks @WadeBarnes but still the sarif file is having some config errors and the workflow fails image

pradeepp88 avatar May 21 '24 18:05 pradeepp88

@WadeBarnes submitted a PR #2961 to fix this issue.

pradeepp88 avatar May 21 '24 19:05 pradeepp88

This fix was merged so I believe this issue can be closed.

jamshale avatar Jul 08 '24 19:07 jamshale