Closed macfarla closed 3 weeks ago
currently still running in CI https://app.circleci.com/pipelines/github/hyperledger/besu/27763/workflows/fc96d628-5928-4bb0-ae50-b37b96b7ce57
from config.yml
dockerScan: executor: trivy_executor steps: - checkout - restore_gradle_cache - setup_remote_docker: docker_layer_caching: true - run: name: Install trivy command: | apk add --update-cache --upgrade curl bash curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin - run: name: Scan with trivy shell: /bin/sh command: | for FILE in $(ls docker) do if [[ $FILE == "test.sh" || $FILE == "tests" ]]; then continue fi docker pull -q "hyperledger/besu:develop-$FILE" trivy -q image --exit-code 1 --no-progress --severity HIGH,CRITICAL "hyperledger/besu:develop-$FILE" done
currently still running in CI https://app.circleci.com/pipelines/github/hyperledger/besu/27763/workflows/fc96d628-5928-4bb0-ae50-b37b96b7ce57
from config.yml