Closed sehaartuc closed 3 months ago
This pull request introduces a new GitHub Actions workflow to automate the weekly vulnerability scanning of Docker images. The workflow is scheduled to run every Monday at 14:00 UTC and can also be triggered manually. It fetches the latest two semantically versioned Docker images, scans them for critical and high severity vulnerabilities using Trivy, and performs additional analysis using the OSS Review Toolkit (ORT).
Files | Changes |
---|---|
.github/workflows/weekly_vuln_scan.yml | Introduced a new GitHub Actions workflow to automate weekly vulnerability scanning of Docker images using Trivy and ORT. |
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Summary by Sourcery
Introduced a new CI workflow to automate weekly vulnerability scans on Docker images, leveraging Trivy for image scanning and ORT for open-source software analysis.
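
The tag selection and Trivy scan step described in this pull request, sketched as an added example (this is not the workflow file from the PR): it keeps only strict `X.Y.Z` tags, picks the newest two, and prints the scan command for each. The tag list, the `example.invalid/app` image name, the function names and the `--exit-code 1` flag are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example, not the PR's code. Sample data below is constructed.

# Read image tags on stdin, print the newest N release tags (default 2).
# Floating tags ("latest", "main") and pre-releases ("1.11.0-rc1") are
# dropped so the scan only covers immutable, released versions.
latest_semver_tags() {
  grep -E '^v?[0-9]+\.[0-9]+\.[0-9]+$' \
    | sed -E 's/^(v?)(.*)$/\2 \1\2/' \
    | sort -t. -k1,1nr -k2,2nr -k3,3nr \
    | awk '{print $2}' \
    | head -n "${1:-2}"
}
# The sed step emits "<bare version> <original tag>" so the numeric sort
# ignores an optional leading "v" while the original tag is what gets printed.

# Print one Trivy command per selected tag for the repository in $1.
# --severity limits findings to the two levels the PR names; --exit-code 1
# (an assumption here) makes the step fail when such findings exist.
scan_commands() {
  latest_semver_tags 2 | while read -r tag; do
    printf 'trivy image --severity CRITICAL,HIGH --exit-code 1 %s:%s\n' "$1" "$tag"
  done
}

# Constructed tag list; a plain string sort would wrongly rank 1.9.0 above 1.10.0.
SAMPLE_TAGS='latest
1.9.0
1.10.0
v1.10.1
1.11.0-rc1
main
1.2.10'

printf '%s\n' "$SAMPLE_TAGS" | scan_commands example.invalid/app
```

In a scheduled workflow the printed commands would be executed rather than echoed, with the tag list coming from the registry instead of `SAMPLE_TAGS`.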