-
Notifications
You must be signed in to change notification settings - Fork 268
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add trivy scanning to PR reports #6806
Conversation
Signed-off-by: Derek Nola <[email protected]>
Signed-off-by: Derek Nola <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #6806 +/- ##
==========================================
- Coverage 25.11% 9.54% -15.57%
==========================================
Files 33 33
Lines 2839 2839
==========================================
- Hits 713 271 -442
- Misses 2079 2545 +466
+ Partials 47 23 -24
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
* Add trivy GHA workflow for scanning rke2-runtime image Signed-off-by: Derek Nola <[email protected]> * Use customer runners Signed-off-by: Derek Nola <[email protected]> --------- Signed-off-by: Derek Nola <[email protected]>
* Add trivy GHA workflow for scanning rke2-runtime image Signed-off-by: Derek Nola <[email protected]> * Use customer runners Signed-off-by: Derek Nola <[email protected]> --------- Signed-off-by: Derek Nola <[email protected]>
* Add trivy GHA workflow for scanning rke2-runtime image Signed-off-by: Derek Nola <[email protected]> * Use customer runners Signed-off-by: Derek Nola <[email protected]> --------- Signed-off-by: Derek Nola <[email protected]>
* Add trivy GHA workflow for scanning rke2-runtime image Signed-off-by: Derek Nola <[email protected]> * Use customer runners Signed-off-by: Derek Nola <[email protected]> --------- Signed-off-by: Derek Nola <[email protected]>
* Add trivy scanning to PR reports (#6806) * Add trivy GHA workflow for scanning rke2-runtime image * Add membership check * Breakup trivy scan into isolated jobs Signed-off-by: Derek Nola <[email protected]>
* Add trivy scanning to PR reports (#6806) * Add trivy GHA workflow for scanning rke2-runtime image * Breakup trivy scan into isolated jobs Signed-off-by: Derek Nola <[email protected]>
* Add trivy scanning to PR reports (#6806) * Add trivy GHA workflow for scanning rke2-runtime image * Breakup trivy scan into isolated jobs Signed-off-by: Derek Nola <[email protected]>
* Add trivy scanning to PR reports (#6806) * Add trivy GHA workflow for scanning rke2-runtime image * Breakup trivy scan into isolated jobs Signed-off-by: Derek Nola <[email protected]>
Proposed Changes
Once this is merged, it allows user to comment
/trivy
on a PR to trigger a trivy report on the rke2-runtime and rke2 go.modTypes of Changes
CI
Verification
Verified on dereknola#2 (note that was using the GHA public runners, I can't test if the custom runners work until we merge this PR into master)
Testing
N/A
Linked Issues
User-Facing Change
Further Comments
For now we are only reporting on the linux amd64 build of rke2-runtime. In the future, we can expand this to the windows and other images.