replace twistlock scanning with trivy #707

Merged
merged 1 commit into from
Nov 8, 2024

ap00rv
Contributor

@ap00rv ap00rv commented Oct 23, 2024

Background

This PR is being created to enable trivy scanning for this repository by replacing the existing cve_scan and run_maven_cve_scan semaphore configurations with trivy_scan.
This is part of a larger effort to improve the third-party vulnerability (CVE) detection workflow for connectors by:

  • letting developers verify the fixes for third party vulnerabilities at PR stage
  • failing the pipeline if CRITICAL third-party vulnerabilities are found
  • letting developers get a self-service exception for CRITICAL vulnerabilities using a .trivyignore file

🚨 Action needed 🚨
Please approve and merge this change. Once you merge it, you will get another PR from service-bot to add trivy scanning to the pipeline.
**Please approve and merge both PRs before November 11, 2024.**
If status checks are failing, please debug as necessary. Contact the #appsec Slack channel for help.

@ap00rv ap00rv requested a review from a team as a code owner October 23, 2024 22:48
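
The gate outlined in the PR description (fail on CRITICAL third-party findings unless a `.trivyignore` entry excepts them), as an added example that is not code from this repository, its pipeline, or Trivy. The report and ignore file are constructed samples with placeholder CVE IDs and package names, and treating an entry as valid through its `exp:` date is this example's assumption.

```python
import json
from datetime import date

# Constructed sample: minimal shape of a Trivy JSON report (placeholder IDs and packages).
SAMPLE_REPORT = json.dumps({"Results": [{"Target": "pom.xml", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "example:lib-a", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "example:lib-b", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0003", "PkgName": "example:lib-c", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-0000-0004", "PkgName": "example:lib-d", "Severity": "CRITICAL"},
]}]})

# Constructed .trivyignore: one ID per line, '#' comments, optional exp:YYYY-MM-DD.
SAMPLE_IGNORE = """\
# accepted until the upstream fix ships
CVE-0000-0001
CVE-0000-0004 exp:2024-01-01
"""

def parse_trivyignore(text, today):
    """Return the IDs whose exception is still in force on `today`."""
    active = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        vuln_id, *fields = line.split()
        expiry = next((f[4:] for f in fields if f.startswith("exp:")), None)
        # Assumption of this example: an entry is honoured through its expiry date.
        if expiry is None or date.fromisoformat(expiry) >= today:
            active.add(vuln_id)
    return active

def blocking_findings(report_json, ignore_text, today, severity="CRITICAL"):
    """List (target, package, id) for findings that should fail the pipeline."""
    ignored = parse_trivyignore(ignore_text, today)
    hits = []
    for result in json.loads(report_json).get("Results") or []:
        for v in result.get("Vulnerabilities") or []:  # key is absent when a target is clean
            if v["Severity"] == severity and v["VulnerabilityID"] not in ignored:
                hits.append((result["Target"], v["PkgName"], v["VulnerabilityID"]))
    return hits

if __name__ == "__main__":
    hits = blocking_findings(SAMPLE_REPORT, SAMPLE_IGNORE, date(2024, 11, 8))
    for target, pkg, vuln_id in hits:
        print(f"BLOCK {vuln_id} in {pkg} ({target})")
    raise SystemExit(1 if hits else 0)  # non-zero exit fails the CI job
```

The expired entry shows why a dated exception matters: once the date passes, the finding blocks the build again instead of staying suppressed indefinitely.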
@confluent-cla-assistant

🎉 All Contributor License Agreements have been signed. Ready to merge.
Please push an empty commit if you would like to re-run the checks to verify CLA status for all contributors.

@sonarqube-confluent

Passed

Analysis Details

0 Issues

  • 0 Bugs
  • 0 Vulnerabilities
  • 0 Code Smells

Coverage and Duplications

  • Coverage: No coverage information (72.70% Estimated after merge)
  • Duplications: No duplication information (0.70% Estimated after merge)

Project ID: kafka-connect-hdfs

@vbalani002 vbalani002 merged commit dae32f2 into master Nov 8, 2024
2 checks passed
@vbalani002 vbalani002 deleted the replace-twistlock-with-trivy branch November 8, 2024 10:49