Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create trivy.yml #2458

Merged
merged 17 commits into from
May 31, 2024
Merged

Create trivy.yml #2458

merged 17 commits into from
May 31, 2024

Conversation

dcmcand
Copy link
Contributor

@dcmcand dcmcand commented May 9, 2024
edited
Loading

Reference Issues or PRs

closes #2459

What does this implement/fix?

Put a x in the boxes that apply

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds a feature)
  • Breaking change (fix or feature that would cause existing features not to work as expected)
  • Documentation Update
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes, no API changes)
  • Build related changes
  • Other (please describe):

Testing

  • Did you test the pull request locally?
  • Did you add new tests?

Any other comments?

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

viniciusdc
viniciusdc reviewed May 10, 2024
View reviewed changes
.github/workflows/trivy.yml
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
Copy link
Contributor

@viniciusdc viniciusdc May 10, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this actions: read needed?

dcmcand and others added 2 commits May 23, 2024 12:44
@dcmcand @viniciusdc
Update .github/workflows/trivy.yml
1d8e3ec 
Co-authored-by: Vinicius D. Cerutti <51954708+viniciusdc@users.noreply.github.com>
@dcmcand
Merge branch 'develop' into add-trivy-to-ci
be22cee
@viniciusdc viniciusdc merged commit 6c8b973 into develop May 31, 2024
4 checks passed
@viniciusdc viniciusdc deleted the add-trivy-to-ci branch May 31, 2024 13:58
@viniciusdc viniciusdc mentioned this pull request Aug 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viniciusdc viniciusdc viniciusdc approved these changes

@Adam-D-Lewis Adam-D-Lewis Awaiting requested review from Adam-D-Lewis

@marcelovilla marcelovilla Awaiting requested review from marcelovilla

Assignees
No one assigned
Labels
None yet
Projects
🪴 Nebari Project Management
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add static code analysis to CI
2 participants
@dcmcand @viniciusdc