Since we persist the Docker image after the build, we should scan that image. This PR adds that scanning, set to not fail the build at the moment to prevent interfering with day to day work. A subsequent issue will be created to fix the failures and turn on failing when new vulns are encountered.
Since we persist the Docker image after the build, we should scan that image. This PR adds that scanning, set to not fail the build at the moment to prevent interfering with day to day work. A subsequent issue will be created to fix the failures and turn on failing when new vulns are encountered.
Signed-off-by: Andy Tinkham andy.tinkham@cyberark.com