homoluctus
commented
4 years ago @hazcod
Thanks. I think gitrivy is used in CI / CD, and as a schedule scanner. So, it is the user's role that specifies the latest version, not the gitrivy role.
Closed hazcod closed 4 years ago
homoluctus
commented
4 years ago @hazcod
Thanks. I think gitrivy is used in CI / CD, and as a schedule scanner. So, it is the user's role that specifies the latest version, not the gitrivy role.
hazcod
commented
4 years ago @homoluctus I mean that you typically have multiple versions of an image deployed, not always using :latest.
Would be nice if the Action would fetch the latest version of a docker container from a registry and use that for scanning. Having an automatically deploy process really prevents hardcoding the release version in the Action.
latestis a bad practice.