Closed realshuting closed 2 months ago
Hi, @realshuting ,Could you assign this issue to me ?
Hey, @lavishpal I hope you're doing well. I wanted to check if you are still addressing this issue. If not, I would greatly appreciate the chance to understand and work on resolving it.
Hey, @lavishpal I hope you're doing well. I wanted to check if you are still addressing this issue. If not, I would greatly appreciate the chance to understand and work on resolving it.
Hi @Denish3436 ,Currently working on this issue.
/assign
Problem Statement
Currently the Nancy scan runs upon each PR which is not necessary: https://github.com/kyverno/kyverno/blob/main/.github/workflows/nancy.yaml
It would be good to move the Nancy scan job to a daily periodic task.
Solution Description
Similar to what we did for Trivy scan, we can do the same for the Nancy scan and create GitHub issues for detected CVEs:
https://github.com/kyverno/kyverno/blob/main/.github/workflows/report-on-vulnerabilities.yaml
Alternatives
No response
Additional Context
No response
Slack discussion
No response
Research