[DPE-6365] add trivy to github workflow #45
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MiaAltieri
force-pushed
the
DPE-6365-trivy
branch
from
92d99aa to
868223a
Compare
MiaAltieri
force-pushed
the
DPE-6365-trivy
branch
from
221ea66 to
2c20ab0
Compare
MiaAltieri
force-pushed
the
DPE-6365-trivy
branch
from
53cf4d7 to
1a6ab93
Compare
MiaAltieri
force-pushed
the
DPE-6365-trivy
branch
from
1a6ab93 to
4f43e53
Compare
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
MiaAltieri
force-pushed
the
DPE-6365-trivy
branch
from
84271a8 to
b7ead93
Compare
Mehdi-Bendriss
approved these changes
Jan 23, 2025
Gu1nness
approved these changes
Jan 27, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue
No SBOM generation or Code scanning is currently done for our rock
Solution
Add this based on Kafka
Code scanning results
link to code scanning results note many are critical
Since snap is used in the rock, it is not strictly necessary to duplicate this work for snaps and take up more runners than necessary