candrews
commented
2 months ago @micahsnyder can you please take a look whenever you get the chance?
Closed candrews closed 3 weeks ago
candrews
commented
2 months ago @micahsnyder can you please take a look whenever you get the chance?
micahsnyder
commented
2 months ago Hi Craig! Thanks for this. It looks useful. Either I or someone on my team will review it and get back to you.
micahsnyder
commented
2 months ago @candrews one quick note -- we forgot to merge https://github.com/Cisco-Talos/clamav-docker/pull/54. We built the 1.4.0 release images based on the approved PR branch, but hadn't merged because of new commit signing requirements. Just fixed that and merged it now.
So for your PR we will at least need to rebase with main and add the change for clamav/1.4 files. Sorry for the extra busy work. I only realized went I saw your PR lacked the 1.4 directory.
candrews
commented
2 months ago Sorry for the extra busy work.
No worries! I've rebased this MR including adding the changes to 1.4.
rsundriyal
commented
1 month ago We also need to update the changes for ClamAV images with the Database.
Current changes only target the base image and not the latest database image.
Changes are required here for each version both alpine and debain images. Update DB script
micahsnyder
commented
1 month ago @candrews Did you get a chance to look at @rsundriyal's questions? Also there are some merge conflicts now to resolve.
Add OCI image annotations to images
Attach SLSA provenance attestations to images
Attach SBOM attestations to images