sig-security icon indicating copy to clipboard operation
sig-security copied to clipboard

Published 20 hours ago verified publisher icon kubernetes

Move Snyk Scripts from k/test-infra to k/sig-security/sig-security-tooling

Open PushkarJ opened this issue 2 years ago • 7 comments

As we learnt from https://github.com/kubernetes/test-infra/pull/26896#discussion_r932628360 it is possible for prow to pick up shell scripts outside of k/test-infra.

Moving the script that is present here: https://github.com/kubernetes/test-infra/blob/master/config/jobs/kubernetes/sig-k8s-infra/trusted/sig-security-trusted.yaml#L29-L87 into a dedicated shell script with name build-deps-and-release-images.sh under k/sig-security/sig-security-tooling/scanning would be great for faster iteration and approvals and reviews can be managed within SIG Security members.

/sig security /good-first-issue /help

PushkarJ avatar Aug 30 '22 19:08 PushkarJ

@PushkarJ: This request has been marked as suitable for new contributors.

Guidelines

Please ensure that the issue body includes answers to the following questions:

  • Why are we solving this issue?
  • To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
  • Does this issue have zero to low barrier of entry?
  • How can the assignee reach out to you for help?

For more details on the requirements of such an issue, please see here and ensure that they are met.

If this request no longer meets these requirements, the label can be removed by commenting with the /remove-good-first-issue command.

In response to this:

As we learnt from https://github.com/kubernetes/test-infra/pull/26896#discussion_r932628360 it is possible for prow to pick up shell scripts outside of k/test-infra.

Moving the script that is present here: https://github.com/kubernetes/test-infra/blob/master/config/jobs/kubernetes/sig-k8s-infra/trusted/sig-security-trusted.yaml#L29-L87 into a dedicated shell script with name build-deps-and-release-images.sh under k/sig-security/sig-security-tooling/scanning would be great for faster iteration and approvals and reviews can be managed within SIG Security members.

/sig security /good-first-issue /help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot avatar Aug 30 '22 19:08 k8s-ci-robot

/hold for https://github.com/kubernetes/test-infra/pull/27309

PushkarJ avatar Aug 30 '22 19:08 PushkarJ

Hi @PushkarJ is this issue open for contribution?

lakshya8066 avatar Sep 02 '22 03:09 lakshya8066

Yes the PR blocking it is merged. So you can work on this if you'd like

PushkarJ avatar Sep 02 '22 16:09 PushkarJ

/assign

lakshya8066 avatar Sep 02 '22 17:09 lakshya8066

The Kubernetes project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the PR is closed

You can:

  • Mark this PR as fresh with /remove-lifecycle stale
  • Close this PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Feb 08 '23 02:02 k8s-triage-robot

/remove-lifecycle stale

tabbysable avatar Apr 18 '24 16:04 tabbysable