Skip to content
This repository has been archived by the owner on Jan 26, 2024. It is now read-only.

[WIP] Add trivy scanning to release workflows. #9

Closed
wants to merge 2 commits into from
Closed

[WIP] Add trivy scanning to release workflows. #9

wants to merge 2 commits into from

Conversation

mattmoor
Copy link
Member

Based on: #8

mattmoor added 2 commits April 12, 2022 14:28
@mattmoor
Post to slack on failures.
4227c86 
This adds a slack action to post to our slack instance when releases fail, so we get visibility into them.

I also noticed we didn't set concurrency, so multiple releases could kick off concurrently, and this corrects that.

Signed-off-by: Matt Moore <[email protected]>
@mattmoor
Add trivy scanning to release workflows.
14f24c6 
Signed-off-by: Matt Moore <[email protected]>
@mattmoor
Copy link
Member Author

Looks like Trivy needs /etc/alpine-release to properly detect the Alpine version 🤔 .

@mattmoor
Copy link
Member Author

Hmm, I wonder whether we should simply add attesting directly to our actions instead of having every repo do this... 🤔

@knqyf263
Copy link

Hi @mattmoor, we're trying to support Alpine Distroless according to the following issue. It will be released this week.
aquasecurity/trivy#1975

Does it help you?

@mattmoor
Copy link
Member Author

It should! thanks 🙏

@knqyf263 knqyf263 mentioned this pull request Apr 13, 2022
Merged
8 tasks
@mattmoor
Copy link
Member Author

I want to build this into the distroless version of apko-snapshot itself, I think

@mattmoor mattmoor closed this Apr 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mattmoor @knqyf263