Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Setup container scanning on-push #1040

Closed
tomkerkhove opened this issue Aug 25, 2020 · 8 comments
Closed

Setup container scanning on-push #1040

tomkerkhove opened this issue Aug 25, 2020 · 8 comments
Assignees
Labels
governance security All issues related to security

Comments

@tomkerkhove
Copy link
Member

Setup container scanning on-push with Snyk

@tomkerkhove
Copy link
Member Author

@zroubalik zroubalik added this to the v2.0 milestone Aug 25, 2020
@tomkerkhove
Copy link
Member Author

tomkerkhove commented Aug 25, 2020

This will be incorporated in master/nightly build and PR/master/nightly for Go.

@tomkerkhove
Copy link
Member Author

This is setup to scan Dockerfile during PRs:
image

Maintainers can view the report in Snyk, unfortunately we cannot make it public.

@tomkerkhove tomkerkhove removed this from the v2.0 milestone Jan 6, 2021
@idvoretskyi
Copy link
Contributor

/cc @idvoretskyi

@zroubalik
Copy link
Member

@tomkerkhove I think this is alread done, am I right?

@tomkerkhove
Copy link
Member Author

Yes, through their integration but checking with CNCF to get more insights and apparently GH Actions is the best way to go!

@idvoretskyi
Copy link
Contributor

@tomkerkhove what is the issue with the Snyk app/integration?

@tomkerkhove
Copy link
Member Author

Nothing, but I thought you wanted to use GitHub Actions instead of it because of our open Snyk Pro ticket?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
governance security All issues related to security
Projects
None yet
Development

No branches or pull requests

3 participants