Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SNYK scan to build image #926

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add SNYK scan to build image #926

wants to merge 1 commit into from
+55 −73

Conversation

RMcVelia
Copy link
Contributor

@RMcVelia RMcVelia commented Jan 6, 2025
edited
Loading

Context

We should scan the build image using SNYK

Changes proposed in this pull request

  • Update the build workflow to use our build-docker-image github action, and add SNYK key so it runs the scan.
  • Add weekly build without caching workflow

Guidance to review

Check build log: https://github.com/DFE-Digital/access-your-teaching-qualifications/actions/runs/12651587377

build-no-cache: https://github.com/DFE-Digital/access-your-teaching-qualifications/actions/runs/12651449855

Link to Trello card

https://trello.com/c/9tIfEgW1/2166-scan-docker-image-in-all-repositories

Checklist

  • Attach to Trello card
  • Rebased main
  • Cleaned commit history
  • Tested by running locally

@RMcVelia RMcVelia requested a review from a team as a code owner January 6, 2025 14:38
@RMcVelia RMcVelia requested review from neillturner and removed request for a team January 6, 2025 14:38
@RMcVelia RMcVelia force-pushed the 2166-scan-docker-image-in-all-repositories branch 5 times, most recently from 72fcb8b to e217033 Compare January 6, 2025 16:15
@RMcVelia RMcVelia added the deploy label Jan 6, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 6, 2025

Deployments

App URL
Access Your Teaching Qualifications https://access-your-teaching-qualifications-pr-926.test.teacherservices.cloud
Check A Teacher's Record https://check-a-teachers-record-pr-926.test.teacherservices.cloud

@RMcVelia RMcVelia added the devops label Jan 7, 2025
@RMcVelia RMcVelia force-pushed the 2166-scan-docker-image-in-all-repositories branch from 342f2f9 to e217033 Compare January 7, 2025 12:29
saliceti
saliceti reviewed Jan 8, 2025
View reviewed changes
Dockerfile Outdated Show resolved Hide resolved
saliceti
saliceti reviewed Jan 8, 2025
View reviewed changes
Dockerfile Show resolved Hide resolved
@saliceti
Copy link
Member

saliceti commented Jan 8, 2025

Can we remove the existing action? https://github.com/DFE-Digital/access-your-teaching-qualifications/tree/main/.github/actions/build-image

@RMcVelia RMcVelia force-pushed the 2166-scan-docker-image-in-all-repositories branch from e217033 to 1a89c35 Compare January 8, 2025 15:06
@RMcVelia RMcVelia force-pushed the 2166-scan-docker-image-in-all-repositories branch from 1a89c35 to 1b6257e Compare January 8, 2025 15:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saliceti saliceti saliceti approved these changes

@neillturner neillturner Awaiting requested review from neillturner neillturner is a code owner automatically assigned from DFE-Digital/teacher-services-infrastructure

Assignees
No one assigned
Labels
deploy devops
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@RMcVelia @saliceti