Separate workflows for dev and master trivy scans #1395

Merged: 9 commits, Feb 23, 2023
Conversation

i-oden (Member) commented Feb 23, 2023

1. This PR contains the following changes...

The scans are currently confusing and the dev branch is scanning the master image. This duplicates a lot of the code but it clarifies. Master branch should now scan release, and dev should be scanning dev image.

2. The following additional changes are required for this to work

X

3. The PR fixes the following GitHub issue / Jira task

  • GitHub issue (link):
  • Jira task (ID, DDS-xxxx):
  • The PR does not fix a specific GitHub issue or Jira task

4. What type of change(s) does the PR contain?

  • New feature
    • Breaking: Please describe the reason for the break and how we can fix it.
    • Non-breaking
  • Database change
    • Migration included in PR
    • Migration not needed
  • Bug fix
    • Breaking: Please describe the reason for the break and how we can fix it.
    • Non-breaking
  • Security Alert fix
  • Documentation
  • Tests (only)
  • Workflow

5. Checklist

Always

  • Changelog
    • Added
    • Not needed (E.g. PR contains only tests)
  • Rebase / Update / Merge from base branch (the branch from which the current is forked)
    • Done
    • Not needed
  • Blocking PRs
    • Merged
    • No blocking PRs
  • PR to master branch

If PR consists of code change(s)

  • Self review
    • Done
  • Comments, docstrings, etc
    • Added / Updated
  • Documentation
    • Updated
    • Update not needed

6. Actions / Scans

  • Black: Python code formatter. Does not execute. Only tests.
    Run black . locally to execute formatting.
    • Passed
  • Prettier: General code formatter. Our use case: MD and yaml mainly.
    Run npx prettier --write . locally to execute formatting.
    • Passed
  • Yamllint: Linting of yaml files.
    • Passed
  • Tests: Pytest to verify that functionality works as expected.
    • New tests added
    • No new tests
    • Passed
  • CodeQL: Scan for security vulnerabilities, bugs, errors
    • New alerts: Go through them and either fix, dismiss or ignore. Add reasoning in items below.
    • Alerts fixed: What?
    • Alerts ignored / dismissed: Why?
    • Passed
  • Trivy: Security scanner
    • New alerts: Go through them and either fix, dismiss or ignore. Add reasoning in items below.
    • Alerts fixed: What?
    • Alerts ignored / dismissed: Why?
    • Passed
  • Snyk: Security scanner
    • New alerts: Go through them and either fix, dismiss or ignore. Add reasoning in items below.
    • Alerts fixed: What?
    • Alerts ignored / dismissed: Why?
    • Passed
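The split this PR describes (dev branch scans the dev image, master branch scans the release image), shown as an added illustration that is not the project's own workflow files: two GitHub Actions workflows, each triggered only by its own branch and pointed at only that branch's image via aquasecurity/trivy-action. The registry path and image tags are placeholders, and the two files are shown back to back separated by `---`.

```yaml
# .github/workflows/trivy-dev.yml  (added example, not the project's own file)
name: Trivy scan of dev image
on:
  push:
    branches: [dev]            # only pushes to dev trigger this workflow
permissions:
  contents: read
  security-events: write       # required to upload SARIF to code scanning
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: aquasecurity/trivy-action@master
        with:
          image-ref: ghcr.io/example-org/example-app:dev   # placeholder image
          format: sarif
          output: trivy-results.sarif
          severity: CRITICAL,HIGH
          ignore-unfixed: true   # report only findings that already have a fix
          exit-code: "1"         # fail the job when fixable CRITICAL/HIGH remain
      - uses: github/codeql-action/upload-sarif@v2
        if: always()             # upload even when the scan step failed the job
        with:
          sarif_file: trivy-results.sarif
---
# .github/workflows/trivy-master.yml: identical apart from trigger and image
name: Trivy scan of release image
on:
  push:
    branches: [master]         # only pushes to master trigger this workflow
permissions:
  contents: read
  security-events: write
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: aquasecurity/trivy-action@master
        with:
          image-ref: ghcr.io/example-org/example-app:release  # placeholder image
          format: sarif
          output: trivy-results.sarif
          severity: CRITICAL,HIGH
          ignore-unfixed: true
          exit-code: "1"
      - uses: github/codeql-action/upload-sarif@v2
        if: always()
        with:
          sarif_file: trivy-results.sarif
```

Because each workflow names its image explicitly rather than deriving it from a shared file, a scan result in the Security tab can be attributed to the branch that produced it without ambiguity.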

@i-oden i-oden self-assigned this Feb 23, 2023
@i-oden i-oden changed the title separate files Separate workflows for dev and master trivy scans Feb 23, 2023
@i-oden i-oden merged commit 657f2de into dev Feb 23, 2023
@i-oden i-oden deleted the fix-trivy-scan branch February 23, 2023 14:07