Security scanning for container images - Githubissues

k8snetworkplumbingwg / sriov-network-device-plugin

SRIOV network device plugin for Kubernetes

Apache License 2.0

396 stars 175 forks source link

Security scanning for container images #373

Open adrianchiris opened 3 years ago

adrianchiris commented 3 years ago

What would you like to be added?

Add action to check for security vulnerabilities in our containers. This can be a check that runs periodically or on every PR.

What we can use:

quay/clair - provides container that can be run as part of a workflow
Anchore/grype scanner which also provides a GA for it

Once we have this up and running, we can do the same in other projects in the group.

What is the use case for this feature / enhancement?

find and fix security vulnerabilities of project containers

adrianchiris commented 2 years ago

trivy is also an option : https://github.com/aquasecurity/trivy