[OPT-6770] Trigger Trivy check upon merging to master

Type: Task
Resolution: Done
Priority: L3 - Default
Fix Version/s: 3.11.0-alpha5, 3.11.0
Affects Version/s: None
Component/s: continuous integration
Labels:
None

Effort:
S

Trivy for docker image scanning: https://github.com/aquasecurity/trivy
Snyk misses some stuff and there was one occasion where customers found a vulnerability that we hadn't seen. It is worth integrating such a check into our release process for added confidence.
The Zeebe controller repo has this integrated already. Maybe we can learn/copy something here.
The trivy check should get triggered when the pipeline does the smoketest for docker when merging to master

This is the controller panel for Smart Panels app

Michal Konopski added a comment - 22/Aug/23 2:38 PM

I merged this so we can see if it works for us this way

Michal Konopski added a comment - 22/Aug/23 2:38 PM I merged this so we can see if it works for us this way

Assignee:: Unassigned

Reporter:: Giuliano Rodrigues Lima

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 10/Feb/23 1:47 PM

Updated:: 10/Oct/23 1:55 PM

Resolved:: 22/Aug/23 2:38 PM

Camunda Optimize

Details

Description

mgm-controller-panel

This is the controller panel for Smart Panels app

Attachments

Activity

Collapse comment: Michal Konopski added a comment - 22/Aug/23 2:38 PM

Expand comment: Michal Konopski added a comment - 22/Aug/23 2:38 PM

People

Dates

Salesforce