Umbrella issue: Migrate CVE feed to run under cloud build

As extensively discussed in the Tooling subproject meetings, we are migrating the CVE feed generation off of the privileged build cluster. The recommended replacement from sig-k8s-infra folks is to run it in Cloud Build.

Overall steps:
- [x] Create a GCP project
  - Done in https://github.com/kubernetes/k8s.io/pull/7838
- [ ] Assign permissions for the GCP project
  - Documented in kubernetes/sig-security/issues/149
- [ ] Update [GCS bucket permissions](https://github.com/kubernetes/k8s.io/blob/main/infra/gcp/terraform/kubernetes-public/k8s-cve-feed.tf#L29) to allow cloud build job to write to it
- [ ] Define and deploy the cloud build job that will run the generation script
  - First step here is to figure out how to do so, probably by reading TF examples in https://github.com/kubernetes/k8s.io/blob/main/infra/gcp/terraform/ 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Umbrella issue: Migrate CVE feed to run under cloud build #150

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Umbrella issue: Migrate CVE feed to run under cloud build #150

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions