ci: enable automatic vulnerability reports for existing workflow reports #74

Draft: wants to merge 1 commit into base: main

@DnPlas (Contributor) commented Oct 9, 2024

This commit adds get-published-images-scan-and-report.yaml, a re-usable workflow that enables repositories to scan images from a public registry (in the case of the Analytics team it defaults to charmedkubeflow) and reports back the security vulnerabilities as GitHub issues.
This workflow is intended to be used on demand (using a workflow dispatch) and on schedule, as it will be used for continuous testing of the published images a rock repository generates.

Part of #69

This commit enables the automatic creation of GitHub issues when a security
vulnerability is found in the scan jobs that the build-scan-test-publish-rock.yaml
already performs.
The intention of this is to add reporting capabilities to the workflows that
are already using build-scan-test-publish-rock.yaml on_merge, that is, enable automatic
reports of vulnerabilities as GitHub issues on every merge.

Part of #69
@DnPlas requested a review from a team as a code owner October 9, 2024 03:34
@DnPlas changed the title from "ci: enable automatic vulnerability reports for existing workflow" to "ci: enable automatic vulnerability reports for existing workflow reports" Oct 9, 2024
@DnPlas marked this pull request as draft October 9, 2024 03:34
Base automatically changed from KF-6331-dev-branch to main October 15, 2024 09:26