🐛 fix trivyoperator tags #11276
DryRun Security Summary

The provided code changes focus on improving the handling and reporting of security findings and vulnerabilities detected by the Trivy security scanner, including optimizing the handling of metadata, enhancing the processing and reporting of detected secrets, expanding the vulnerability metadata captured, introducing a "uniformed" vulnerability ID, and filtering out any empty tags.

Summary: The provided code changes focus on improving the handling and reporting of security findings and vulnerabilities detected by the Trivy security scanner. The key changes include:

From an application security perspective, these changes demonstrate a focus on improving the overall security posture of the application by enhancing the quality and usefulness of the security findings and vulnerability data. The changes do not introduce any obvious security vulnerabilities, and they appear to be in line with industry-standard security practices and recommendations.

Files Changed:

Code Analysis: We ran

Riskiness: 🟢 Risk threshold not exceeded.
a244f6a to e649f9a
Approved
@cneill, no, resource_namespace shouldn't be a list here.
Hm. I can't replicate this behavior with the exposed secrets scan report here. I get a single Does your scan file differ in some way from the one in
Hm, weird, I can't replicate it now. Maybe a different PR fixed this on the fly. If I can't replicate it, I will stick to your suggestion @cneill.
@manuel-sommer I am not sure if this is ready for merge or not. Let me know if you are ready for this one to go in 😄
Let's merge it @Maffooch. I tested it again today and found no bugs. In case I find another bug, I will submit a PR regarding trivy operator. I am actively testing it for soonish future use.
Some TrivyOperator tags were empty