add image scanning on pull_request #4384
base: master
[APPROVALNOTIFIER] This PR is NOT APPROVED.
efa5f94 to b590a66
Codecov Report
All modified and coverable lines are covered by tests ✅
@@ Coverage Diff @@
## master #4384 +/- ##
==========================================
+ Coverage 51.82% 51.89% +0.07%
==========================================
Files 244 246 +2
Lines 24234 24328 +94
==========================================
+ Hits 12560 12626 +66
- Misses 10993 11016 +23
- Partials 681 686 +5
b590a66 to ceffae1
@liangyuanpeng Can you help to take a look?
Hi~ If interested, you can also review PR #4184 together, which also integrates Trivy into CI, but for security scanning of older images.
ceffae1 to 9299ae3
Interesting, I will add this to my list ASAP :)
I can understand what this PR hopes to do, but I think scheduled execution may be enough, and I think the value added by scanning container images on the PR may be very small, even if it does not hinder the PR but does take up some GitHub Actions CI time.
Could you please add that scheduled scan image is not sufficient? Remind me if I missed something. Thanks.
@zhzhuang-zju
af5026a to 8a260df
8a260df to e164bac
Signed-off-by: zhzhuang-zju <m17799853869@163.com>
Signed-off-by: zhzhuang-zju <m17799853869@163.com>
e164bac to 29d3790
@liangyuanpeng @RainbowMango
The CI failure is because a merge of #4567 is required first.
This effect looks great.
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
add image scanning on pull_request to protect against security vulnerabilities
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Refer to https://github.com/karmada-io/karmada/actions/runs/7112047275/job/19361222115
Does this PR introduce a user-facing change?: