-
Notifications
You must be signed in to change notification settings - Fork 324
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: scan operator image using Dockle and Snyk #3300
Conversation
Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id> |
❗ By default, the pull request is configured to backport to all release branches.
|
Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id> |
Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id> |
Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id> |
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Closes #3299 Signed-off-by: Jonathan Gonzalez V <[email protected]>
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | ||
with: | ||
image: ${{ steps.docker-meta.outputs.tags }} | ||
args: --severity-threshold=high --file=${{ matrix.file }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the --file is not needed here as we scan against docker image
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is needed but need a specific Dockerfile name as we in next step upload the result
Signed-off-by: Tao Li <[email protected]>
Signed-off-by: Tao Li <[email protected]>
/ok-to-merge |
Closes #3299 Signed-off-by: Jonathan Gonzalez V <[email protected]> Signed-off-by: Tao Li <[email protected]> Co-authored-by: Tao Li <[email protected]> (cherry picked from commit df095ef)
Closes #3299 Signed-off-by: Jonathan Gonzalez V <[email protected]> Signed-off-by: Tao Li <[email protected]> Co-authored-by: Tao Li <[email protected]>
Closes #3299