Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DAT-16012

DevOps :: Resolve security issues in docker repo #260

Merged
merged 7 commits into from
Dec 12, 2023
Merged

DAT-16012

DevOps :: Resolve security issues in docker repo #260

merged 7 commits into from
Dec 12, 2023

Commits on Dec 1, 2023

  1. chore(Dockerfile.alpine): update base image from alpine:3.18.4 to alp… 

    …ine:3.18.5 for both builder and final image stages
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    81ae663 View commit details
    Browse the repository at this point in the history

  2. fix(trivy.yml): fix image reference in docker build command to includ… 

    …e the correct Dockerfile based on the matrix configuration

fix(trivy.yml): fix output file name for Trivy scan results to include the correct suffix based on the matrix configuration
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    c7199f6 View commit details
    Browse the repository at this point in the history

  3. fix(trivy.yml): specify Dockerfile path using -f flag in docker build… 

    … command to ensure correct file is used for building the image
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    af2cae3 View commit details
    Browse the repository at this point in the history

  4. chore(trivy.yml): remove matrix strategy for building Docker images t… 

    …o simplify the workflow

fix(trivy.yml): update image-ref and sarif_file values to remove matrix suffix for consistency and clarity
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    015957e View commit details
    Browse the repository at this point in the history

  5. fix(trivy.yml): specify Dockerfile path in docker build command to en… 

    …sure correct file is used for building the image

feat(trivy.yml): add support for building and scanning an additional Alpine-based image
feat(trivy.yml): upload Trivy scan results for the Alpine-based image to GitHub Security tab
feat(trivy.yml): generate security report using the rsdmike/github-security-report-action
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    619cf5c View commit details
    Browse the repository at this point in the history

  6. chore(trivy.yml): add category metadata to Trivy scan results for bet… 

    …ter organization and filtering in GitHub Security tab
    jandroav committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    1121544 View commit details
    Browse the repository at this point in the history

Commits on Dec 12, 2023

  1. Merge branch 'main' into DAT-16012

    @jnewton03
    jnewton03 authored Dec 12, 2023
    Configuration menu
    Copy the full SHA
    72fe181 View commit details
    Browse the repository at this point in the history