Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: publish trivy container scan results to GitHub Security tab #34

Merged
merged 9 commits into from
Feb 23, 2024

Conversation

ppawlowski
Copy link
Collaborator

Description

This PR adds the functionality to publish the scan results to the GitHub Security tab using the CodeQL action. This will improve the security analysis of container images and provide better visibility into vulnerabilities.
Additionally, it updates the aquasecurity/trivy-action action to version 0.17.0

Related Issue(s)

#31

Checklist

  • I have read the contribution guidelines
  • Suitable unit/system level tests have been added and they pass
  • Documentation has been updated
    • Upgrade instructions
    • Configuration details
    • Concepts
  • Changes flowforge.yml?
    • Issue/PR raised on FlowFuse/helm to update ConfigMap Template
    • Issue/PR raised on FlowFuse/CloudProject to update values for Staging/Production

Labels

  • Backport needed? -> add the backport label
  • Includes a DB migration? -> add the area:migration label

@hardillb hardillb merged commit d49deaa into main Feb 23, 2024
@hardillb hardillb deleted the feat-publish-trivy-to-github-sec branch February 23, 2024 22:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants