Update trivy scanning job #3733

Contributor

@yunchu yunchu commented Jul 15, 2024

Summary

This PR changes the behavior of the Trivy scanning job in the code-scan workflow.

  • MEDIUM, HIGH, and CRITICAL vulnerability issues from the trivy scanning report will be treated as an error.
  • added spdx.json format dependency list reporting steps

How to test

Checklist

  • I have added unit tests to cover my changes.
  • I have added integration tests to cover my changes.
  • I have run e2e tests and there are no issues.
  • I have added the description of my changes into CHANGELOG in my target branch (e.g., CHANGELOG in develop).
  • I have updated the documentation in my target branch accordingly (e.g., documentation in develop).
  • I have linked related issues.

License

  • I submit my code changes under the same Apache License that covers the project.
    Feel free to contact the maintainers if that's a concern.
  • I have updated the license header for each file (see an example below).
# Copyright (C) 2024 Intel Corporation
# SPDX-License-Identifier: Apache-2.0

@yunchu yunchu force-pushed the update-code-scan-workflow-to-raise-error branch from e5a7616 to 76d5ff7 Compare July 15, 2024 00:57
@yunchu yunchu merged commit f74342c into openvinotoolkit:develop Jul 15, 2024
6 checks passed
@yunchu yunchu deleted the update-code-scan-workflow-to-raise-error branch July 15, 2024 01:53
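
One way to enforce the gate described in the PR summary, as an added example that is not the project's workflow code: a check that reads a Trivy JSON report and returns a failing exit code when any MEDIUM, HIGH, or CRITICAL finding is present. It assumes the report layout of Trivy's JSON output (`Results`, `Vulnerabilities`, `Severity`); the sample report, package names, and vulnerability IDs are constructed placeholders.

```python
import json

# Severities the PR summary says are treated as errors.
BLOCKING = {"MEDIUM", "HIGH", "CRITICAL"}

# Constructed sample shaped like a Trivy JSON report; IDs and packages are placeholders.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "Results": [
        {"Target": "requirements.txt", "Type": "pip", "Vulnerabilities": [
            {"VulnerabilityID": "EXAMPLE-VULN-1", "PkgName": "examplepkg", "Severity": "HIGH"},
            {"VulnerabilityID": "EXAMPLE-VULN-2", "PkgName": "otherpkg", "Severity": "LOW"},
            {"VulnerabilityID": "EXAMPLE-VULN-3", "PkgName": "thirdpkg", "Severity": "MEDIUM"},
        ]},
        # A target with no findings carries no "Vulnerabilities" key in this sample.
        {"Target": "poetry.lock", "Type": "poetry"},
    ],
})


def blocking_findings(report_text, blocking=BLOCKING):
    """Return (target, id, package, severity) for every finding at a blocking level."""
    report = json.loads(report_text)
    found = []
    # Treat a missing or null "Results"/"Vulnerabilities" entry as "no findings".
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            severity = str(vuln.get("Severity", "UNKNOWN")).upper()
            if severity in blocking:
                found.append((result.get("Target", "?"), vuln.get("VulnerabilityID", "?"),
                              vuln.get("PkgName", "?"), severity))
    return found


def gate(report_text):
    """Print blocking findings and return the exit code a CI step should use."""
    findings = blocking_findings(report_text)
    for target, vuln_id, package, severity in findings:
        print(f"{severity:8} {vuln_id} {package} ({target})")
    return 1 if findings else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_REPORT))
```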