Closed hazcod closed 4 years ago
@hazcod
Thanks. I think gitrivy is used in CI / CD, and as a schedule scanner. So, it is the user's role that specifies the latest version, not the gitrivy role.
@homoluctus I mean that you typically have multiple versions of an image deployed, not always using :latest
.
Would be nice if the Action would fetch the latest version of a docker container from a registry and use that for scanning. Having an automatically deploy process really prevents hardcoding the release version in the Action.
latest
is a bad practice.