search

kubernetes / node-problem-detector

This is a place for various problem detectors running on the Kubernetes nodes.
Apache License 2.0
2.85k stars 616 forks source link

Include automatic CVE scanning in build process #872

Closed JohnRusk closed 3 months ago

JohnRusk commented 4 months ago

Eg. with Trivy. Or similar.

Goal would be to avoid undetected CVEs in (a) the Go code and (b) other elements of the docker image (as may be the case in #871)

MartinForReal commented 4 months ago

related https://github.com/kubernetes/node-problem-detector/pull/811

wangzhen127 commented 3 months ago

/close

We are updating dependencies weekly now. /cc @hakman

k8s-ci-robot commented 3 months ago

@wangzhen127: Closing this issue.

In response to [this](https://github.com/kubernetes/node-problem-detector/issues/872#issuecomment-2040212597): >/close > >We are updating dependencies weekly now. >/cc @hakman Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.