vertica / vertica-kubernetes

Operator, container and Helm chart to deploy Vertica in Kubernetes
Apache License 2.0

add Trivy scan result to build summary #933

Closed HaoYang0000 closed 3 weeks ago

cchen-vertica commented 1 month ago

Is it possible to report a warning on the e2e tests summary page when Trivy finds some vulnerabilities?

HaoYang0000 commented 1 month ago

> Is it possible to report a warning on the e2e tests summary page when Trivy finds some vulnerabilities?

Yes, we can detect if the total number of vulnerabilities is > 0 and add a warning annotation to the summary page. The dry run result can be seen in this action run: https://github.com/vertica/vertica-kubernetes/actions/runs/11065276340
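
The check described in the reply above, sketched as an added example that is not code from this thread or from the vertica-kubernetes workflow. It assumes Trivy was run with `--format json`; the function names are hypothetical and the sample report is constructed.

```python
import json
import os
from collections import Counter

# Constructed sample in the shape of a Trivy JSON report (placeholder IDs).
SAMPLE_REPORT = json.dumps({
    "Results": [
        {"Target": "example/image:tag (os)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "pkg-a", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "pkg-b", "Severity": "LOW"},
        ]},
        {"Target": "usr/bin/tool", "Vulnerabilities": None},  # clean target, null list
        {"Target": "app/go.sum"},                             # clean target, key omitted
    ],
})

def count_by_severity(report_text):
    """Return a Counter of severity -> number of findings across all targets."""
    report = json.loads(report_text)
    counts = Counter()
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            counts[vuln.get("Severity", "UNKNOWN")] += 1
    return counts

def build_annotation(counts):
    """Return a GitHub `::warning` workflow command, or None when the scan is clean."""
    total = sum(counts.values())
    if total == 0:
        return None
    detail = ", ".join(f"{sev}: {n}" for sev, n in sorted(counts.items()))
    return f"::warning title=Trivy scan::{total} vulnerabilities found ({detail})"

def build_summary(counts):
    """Return Markdown to append to the job summary page."""
    lines = ["### Trivy scan", "", "| Severity | Count |", "| --- | --- |"]
    lines += [f"| {sev} | {n} |" for sev, n in sorted(counts.items())]
    lines.append(f"| **Total** | **{sum(counts.values())}** |")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    counts = count_by_severity(SAMPLE_REPORT)
    annotation = build_annotation(counts)
    if annotation:
        print(annotation)  # the Actions runner turns this stdout line into a warning
    summary_path = os.environ.get("GITHUB_STEP_SUMMARY")
    if summary_path:  # set by the runner; absent on a local run
        with open(summary_path, "a", encoding="utf-8") as fh:
            fh.write(build_summary(counts))
```

A warning annotation does not fail the job, so the build stays green while the findings remain visible on the summary page.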