You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@skywalking.apache.org by ha...@apache.org on 2021/06/10 07:13:35 UTC

[skywalking] branch scan-image created (now e368008)

This is an automated email from the ASF dual-hosted git repository.

hanahmily pushed a change to branch scan-image
in repository https://gitbox.apache.org/repos/asf/skywalking.git.


      at e368008  Introduce trivy to scan images

This branch includes the following new commits:

     new e368008  Introduce trivy to scan images

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[skywalking] 01/01: Introduce trivy to scan images

Posted by ha...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

hanahmily pushed a commit to branch scan-image
in repository https://gitbox.apache.org/repos/asf/skywalking.git

commit e368008195c48ca44de20c21e48ae470a790ae6d
Author: Gao Hongtao <ha...@gmail.com>
AuthorDate: Thu Jun 10 15:12:18 2021 +0800

    Introduce trivy to scan images
    
    Signed-off-by: Gao Hongtao <ha...@gmail.com>
---
 .github/workflows/docker-ci.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/.github/workflows/docker-ci.yaml b/.github/workflows/docker-ci.yaml
index da74c9d..2b446a2 100644
--- a/.github/workflows/docker-ci.yaml
+++ b/.github/workflows/docker-ci.yaml
@@ -59,6 +59,24 @@ jobs:
             ${{ runner.os }}-maven-
       - name: Build docker image
         run: export ES_VERSION=${{ matrix.es }} && export TAG=${{ matrix.es }} && (make docker || make docker)
+      - name: Scan OAP image
+        uses: aquasecurity/trivy-action@master
+          with:
+            image-ref: 'skywalking/oap:${{ matrix.es }}'
+            format: 'table'
+            exit-code: '1'
+            ignore-unfixed: true
+            vuln-type: 'os,library'
+            severity: 'CRITICAL,HIGH'
+      - name: Scan UI image
+        uses: aquasecurity/trivy-action@master
+          with:
+            image-ref: 'skywalking/ui:${{ matrix.es }}'
+            format: 'table'
+            exit-code: '1'
+            ignore-unfixed: true
+            vuln-type: 'os,library'
+            severity: 'CRITICAL,HIGH'
       - name: Bootstrap cluster
         run: |
           case ${{ matrix.es }} in