Description
Project Details:
We currently perform only a code quality check on coverage using SonarCloud.
Code security is an important aspect, with which we will be able to identify security issues and vulnerabilities during the development phase.
Along with code security, we must also implement Docker container scanning for vulnerabilities. Docker image vulnerability scanning could be defined as identifying known security vulnerabilities in the packages listed in the Docker image. Vulnerability scanning allows us to find vulnerabilities in container images and fix them before using or pushing the image to the registry.
Features to be implemented:
- Code security scan on code.
- Container image vulnerability scanning.
Learning Path
Complexity: Medium
Skills Required: DevOps
Name of Mentors:
@santhosh-tg
Project size:
TBD
Project repos:
https://github.com/project-sunbird/sunbird-devops/
https://github.com/Sunbird-Ed/
Acceptance Criteria:
Code security and container image vulnerability scanning are set up
Milestones
- Understanding the requirements
- Research on the tools needed
- Setting up the tools
- Integration of the tools
- Testing
- Documentation