Auto-refreshing Official Kubernetes CVE Feed: a tool to auto create new CVE issues in klts

klts-io / kubernetes-lts

Kubernetes LTS(long term support)

https://klts.io/docs/install/

211 stars 16 forks source link

Auto-refreshing Official Kubernetes CVE Feed: a tool to auto create new CVE issues in klts #164

Open pacoxu opened 2 years ago

pacoxu commented 2 years ago

What would you like to be added?

KEP-3203: Add Auto-refreshing Official CVE feed https://github.com/kubernetes/enhancements/pull/3204 https://github.com/kubernetes/enhancements/issues/3203

Why is this needed?

new label official-cve-feed

github-actions[bot] commented 2 years ago

Hi @pacoxu, Thanks for opening an issue! We will look into it as soon as possible.

Details

Instructions for interacting with me using comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the [gh-ci-bot](https://github.com/wzshiming/gh-ci-bot) repository.

pacoxu commented 2 years ago

https://kubernetes.io/blog/2022/09/12/k8s-cve-feed-alpha/ is released.

curl -Ls https://k8s.io/docs/reference/issues-security/official-cve-feed/index.json  | jq -r '.items[0]

We can write a small tool based on the API to auto create issue for CVEs.