Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable trivy and disable tfsec by default #1283

Closed
suzuki-shunsuke opened this issue Nov 8, 2023 · 0 comments · Fixed by #1291
Closed

Enable trivy and disable tfsec by default #1283

suzuki-shunsuke opened this issue Nov 8, 2023 · 0 comments · Fixed by #1291
Labels
breaking change enhancement New feature or request
Milestone
v1.0.0

Comments

@suzuki-shunsuke
Copy link
Owner

suzuki-shunsuke commented Nov 8, 2023
edited
Loading

Feature Overview

Enable trivy and disable tfsec by default

Why is the feature needed?

tfsec was deprecated.

https://github.com/aquasecurity/tfsec#-tfsec-to-trivy-migration

⚠️ Breaking Changes

tfsec will be replaced with trivy.
So you need to migrate tfsec to trivy.

How to migrate

There are two options.

  1. Migrate tfsec to trivy (Recommended)
  2. Configure tfaction-root.yaml to keep the original behaviour (Not recommended)

Migrate tfsec to trivy (Recommended)

  1. Please follow the official migration guide.

https://github.com/aquasecurity/tfsec#-tfsec-to-trivy-migration

  1. Remove tfsec from aqua.yaml and add trivy to aqua.yaml
aqua g -i aquasecurity/trivy

Configure tfaction-root.yaml to keep the original behaviour (Not recommended)

tfaciton-root.yaml

tfsec:
  enabled: true
trivy:
  enabled: false
@suzuki-shunsuke suzuki-shunsuke added this to the v1.0.0 milestone Nov 8, 2023
suzuki-shunsuke added a commit that referenced this issue Nov 9, 2023
@suzuki-shunsuke
fix: enable trivy and disable tfsec by default
0d75d54 
- #1283
@suzuki-shunsuke suzuki-shunsuke mentioned this issue Nov 9, 2023
Merged
@suzuki-shunsuke suzuki-shunsuke linked a pull request Nov 9, 2023 that will close this issue
breaking changes for tfaction v1 #1291
Merged
suzuki-shunsuke added a commit that referenced this issue Dec 17, 2023
@suzuki-shunsuke
breaking changes for tfaction v1 (#1291)
445aa16 
* fix: remove outputs terraform_targets and tfmigrate_targets

- #1286

* chore: update Node.js 16 to 20

- #1290

* fix(scaffold-working-dir): stop adding conftest to aqua.yaml

- #1284

* fix(get-global-config): skip creating aqua.yaml by default

- #1285

* fix: enable trivy and disable tfsec by default

- #1283

* feat: merge actions' inputs github_token and github_app_token

- #1282

* feat(scaffold-module): separate actions with generating codes and creating pull requests (#1340)

* feat(scaffold-module): require module templates (#1341)

* feat(scaffold-module): require module templates

* fix(test-module): stop running `terraform init

* fix(create-scaffold-module-pr): replace the input module_path with TFACTION_MODULE_PATH

* fix(scaffold-module): remove a template and create tfaction_module.yaml (#1342)

* feat: support running `terraform plan` with the `-destroy` option (#1343)

* feat: support running `terraform plan` with the `-destroy` option

* fix(terraform-plan): output a warning

* refactor: use optional (#1375)

* refactor: use optional

* chore: use volta

* fix(get-target-config): enable trivy and disable tfsec by default
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
breaking change enhancement New feature or request
Projects
None yet
Milestone
v1.0.0
Development

Successfully merging a pull request may close this issue.

breaking changes for tfaction v1 suzuki-shunsuke/tfaction
1 participant
@suzuki-shunsuke