Open tomkralidis opened 2 months ago
I ran trivy on the wis2box-api, it found one issue with severity=HIGH https://github.com/wmo-im/wis2box-api/actions/runs/9615735356/job/26523621849
question: should the GHA only fail on severity=CRITICAL ?
wmo-im/dim_eccodes_baseimage
to 22.04 ?severity: CRITICAL,HIGH
Add trivy.yml to PR: https://github.com/wmo-im/wis2box/pull/699
wis2box-management passes
wis2box-api, wis2box-ui and wis2box-webapp fail
@tomkralidis how to proceed ?
after updating dim_eccodes_baseimage to use Ubuntu 22.04, wis2box-api now passes the vulnerability scan:
Add trivy via GitHub Actions in order to scan containers for vulnerabilities.