adding trivy scanning to the Docker files#41
Merged
pputman-clabs merged 7 commits intocelo1from Sep 12, 2023
Merged
Conversation
|
Currently there are no images built and dependencies are pinned by the upstream. Does it make sense to add those checks? |
Author
|
@palango These are just informational to see which vulnerabilities we may have, even if they come from upstream. Depending on what's there, we may want to ask the repository we're forking from to look into possible fixes if it's something we're using internally or in the community. |
Author
|
Since everything comes from upstream, i changed the triggers instead of push/PR to just be on workflow dispatch, so we can build and scan them manually without running them everytime a PR is created. |
palango
pushed a commit
that referenced
this pull request
Sep 26, 2023
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Feb 7, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Feb 19, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Feb 20, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
palango
pushed a commit
that referenced
this pull request
May 16, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
palango
pushed a commit
that referenced
this pull request
May 31, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
carterqw2
pushed a commit
that referenced
this pull request
Jun 12, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
carterqw2
pushed a commit
that referenced
this pull request
Jun 12, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
carterqw2
pushed a commit
that referenced
this pull request
Jun 26, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
carterqw2
pushed a commit
that referenced
this pull request
Jun 26, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Sep 10, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Sep 10, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
palango
pushed a commit
that referenced
this pull request
Sep 24, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Oct 12, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Oct 14, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
karlb
pushed a commit
that referenced
this pull request
Oct 16, 2024
* adding trivy scanning to the Docker files * adding docker build scan * fixing typo * adding context for bedrock images * adding context to ops dockerfile packages * fixing context for ops packges: * removing push/pull triggers and adding just a manual workflow run with workflow_dispatch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adding trivy scanning to all the optimism docker files