Skip to content

Add container vulnerability scanning and SBOM generation in CI #71

Description

@RonaldHensbergen

Parent issue: #64

Scope:

  • Add image scanning (e.g., Trivy) to CI
  • Define fail thresholds for HIGH/CRITICAL CVEs
  • Generate SBOM artifacts for built images

Acceptance criteria:

  • CI job runs on PRs touching image/runtime files
  • Build fails on configured severity thresholds
  • SBOM artifact is attached or persisted in workflow artifacts

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:securitySecurity policies and checksenhancementNew feature or request

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions