ci: add container scanning to default checks #1876
Assignees
Labels
dependencies
Pull requests that update a dependency file
enhancement
New feature or request
Epic
P1
Priority 1: Highest
Security
Related to existing or potential security vulnerabilities
Tests
Anything related to tests be that automatic or manual, integration or unit, etc.
Milestone
Comments
petermetz
added
enhancement
|
Hi @petermetz, please assign this to me. Thanks. |
aldousalvarez
added a commit
to aldousalvarez/cactus
that referenced
this issue
Mar 22, 2022
Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
|
@zondervancalvez More info I discovered while doing the scans: It might be more practical to have our own workflow that runs trivy (a part of the azure container scan tool I linked in the description of the issue above). |
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 20, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 21, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 21, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 29, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 6, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
added a commit
to zondervancalvez/cactus
that referenced
this issue
May 11, 2022
Fixes hyperledger#1876 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
petermetz
pushed a commit
that referenced
this issue
Sep 7, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes #1876 Depends On: #2121 Depends On: #2135 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto
pushed a commit
to adrianbatuto/cacti
that referenced
this issue
Sep 8, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2121 Depends On: hyperledger#2135 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto
added a commit
to adrianbatuto/cacti
that referenced
this issue
Sep 8, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2121 Depends On: hyperledger#2135 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
adrianbatuto
pushed a commit
to adrianbatuto/cacti
that referenced
this issue
Sep 20, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2121 Depends On: hyperledger#2135 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
|
I'll continue to work on this ticket but using Trivy container scan. I will redo the vulnerability scan using Trivy for the closed tickets that used Azure scan before. |
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Nov 10, 2023
the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
5 tasks
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Nov 10, 2023
the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Nov 14, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
sandeepnRES
pushed a commit
to sandeepnRES/cacti
that referenced
this issue
Dec 21, 2023
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2121 Depends On: hyperledger#2135 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Jan 16, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Feb 13, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Feb 28, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Feb 28, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Feb 28, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Mar 18, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Mar 18, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Mar 18, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Mar 19, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Mar 25, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 1, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 3, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 4, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
Apr 4, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
zondervancalvez
pushed a commit
to zondervancalvez/cactus
that referenced
this issue
May 21, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
petermetz
pushed a commit
that referenced
this issue
May 21, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes #1876 Depends On: #2865 Depends On: #2864 Depends On: #2863 Depends On: #2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
sandeepnRES
pushed a commit
to sandeepnRES/cacti
that referenced
this issue
Jul 30, 2024
Trivy is a cutting-edge security tool designed to enhance the safety of containerized applications by conducting thorough vulnerability assessments. Specifically developed for scanning container images, ranging from low-severity issues to critical threats. It employs an intelligent rating system to categorize vulnerabilities based on their severity levels, ensuring that high to critical vulnerabilities are given special attention. Upon detecting vulnerabilities that fall within this elevated range, Trivy will throw an error. By integrating Trivy into our deployment pipeline, we can proactively mitigate security risks and enhance the resilience of our repository. Fixes hyperledger#1876 Depends On: hyperledger#2865 Depends On: hyperledger#2864 Depends On: hyperledger#2863 Depends On: hyperledger#2862 Signed-off-by: zondervancalvez <zondervan.v.calvez@accenture.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
As a maintainer I want to have automated security scans running on our containers so that I'm a tiny bit more confident that we are doing a good job of keeping our code as secure as possible.
https://github.com/Azure/container-scan
Acceptance Criteria
.github/workflows/*-publish.yamlfor a list of these)2023-06-14 Update:
The azure container scan [1] project has been deprecated in the meantime so we have to look for another alternative that is free, open source software that we can use for the same purpose.
[1] https://github.com/Azure/container-scan
The text was updated successfully, but these errors were encountered: