Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Done
Priority: L3 - Default
Fix Version/s: 3.11.0-alpha5, 3.11.0
Affects Version/s: None
Component/s: continuous integration
Labels:
None

Effort:
S

Description

Trivy for docker image scanning: https://github.com/aquasecurity/trivy
Snyk misses some stuff and there was one occasion where customers found a vulnerability that we hadn't seen. It is worth integrating such a check into our release process for added confidence.
The Zeebe controller repo has this integrated already. Maybe we can learn/copy something here.
The trivy check should get triggered when the pipeline does the smoketest for docker when merging to master

mgm-controller-panel

This is the controller panel for Smart Panels app

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Giuliano Rodrigues Lima

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Feb/23 1:47 PM

Updated:: 10/Oct/23 1:55 PM

Resolved:: 22/Aug/23 2:38 PM

Trigger Trivy check upon merging to master