Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add security scanning on CI workflow #112

Merged
merged 91 commits into from
May 20, 2024
Merged

feat: add security scanning on CI workflow #112

merged 91 commits into from
May 20, 2024

Conversation

gabrielg2020
Copy link
Contributor

@gabrielg2020 gabrielg2020 commented May 16, 2024
edited
Loading

Description

Adding security scanning to CI workflow.

Related issue: VOL-5354

Scanning List

  • Application dependencies - Snyk
  • Terraform - Trivy

Before submitting (or marking as "ready for review")

  • Does the pull request title follow the conventional commit specification?
  • Have you performed a self-review of the code
  • Have you have added tests that prove the fix or feature is effective and working
  • Did you make sure to update any documentation relating to this change?

@gabrielg2020
feat: added security scanning on docker images with trivy
141762f
@gabrielg2020
chore: tigger CI workflow
a7990f2
@gabrielg2020
chore: tigger CI workflow
ff067a5
@gabrielg2020
fix: removed security scannning until tirvy-actions is on the allowed…
bd11a5c 
… list-a
@gabrielg2020
feat: added security scanning on php dependencies with snyk
58934f8
@gabrielg2020
chore: tigger CI workflow
47cc738
@gabrielg2020
chore: tigger CI workflow
a20ce5b
@gabrielg2020
fix: auth snyk before scanning
034cb6f
@gabrielg2020
fix: correctly run the snyk command
c8dacc9
@gabrielg2020
fix: checkout before scanning
05b6ebd
@gabrielg2020
fix: reverting last commit
bf9c3f0
@gabrielg2020
feat: changing way to get snyk working, installing package
51bf493
@gabrielg2020
fix: add checkout
511f8cf
@gabrielg2020
feat: auth and run test
55f7e75
@gabrielg2020
fix: change of plan, use snyk action set up
d7f2187
@gabrielg2020
fix: add the php snyk actions
a8af7b7
@gabrielg2020
fix: setup snyk with php
1cb665e
@gabrielg2020
chore: checking if snyk is installed
9fb8201
@gabrielg2020
fix: using synk test to scan
b94b4a3
@gabrielg2020
fix: syntax error
8a9626d
@gabrielg2020
fix: added secret to php.yaml
658d5d7
@gabrielg2020
fix: using synk test to scan
05a96aa
@gabrielg2020
feat: testing adding a sperate security workflow
9cdde37
@gabrielg2020
fix: track security.yaml
e2d3dff
@gabrielg2020
feat: snyk tests run on security
b2834be
@gabrielg2020
feat: adding checkout action
ad4eadb
@gabrielg2020
fix: remvoed snyk from php.yaml
235f110
@gabrielg2020
fix: scheduled everymonday at 00:00UTC
2922a3a
@gabrielg2020
fix: only run security checks on images that have changed
5185277
@gabrielg2020
fix: remove scheduling in security.yaml
fb0b64f
@gabrielg2020 gabrielg2020 self-assigned this May 16, 2024
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@gabrielg2020 gabrielg2020 marked this pull request as ready for review May 20, 2024 09:32
JoshuaLicense
JoshuaLicense suggested changes May 20, 2024
View reviewed changes
.github/workflows/ci.yaml Outdated Show resolved Hide resolved
.github/workflows/ci.yaml Outdated Show resolved Hide resolved
.github/workflows/security-app.yaml Outdated Show resolved Hide resolved
.github/workflows/ci.yaml Show resolved Hide resolved
.github/workflows/security-terraform.yaml Outdated Show resolved Hide resolved
infra/docker/internal/Dockerfile Outdated Show resolved Hide resolved
@JoshuaLicense JoshuaLicense merged commit 2832f47 into main May 20, 2024
15 checks passed
@JoshuaLicense JoshuaLicense deleted the add-security-scanning-to-ci-VOL-5354 branch May 20, 2024 13:37
@github-actions github-actions bot mentioned this pull request May 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoshuaLicense JoshuaLicense JoshuaLicense approved these changes

Assignees

@gabrielg2020 gabrielg2020

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gabrielg2020 @JoshuaLicense