Skip to content
This repository has been archived by the owner on Apr 12, 2023. It is now read-only.

Scan the helm chart for security issues #100

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Scan the helm chart for security issues #100

wants to merge 2 commits into from

Conversation

JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Mar 2, 2023

This scans the helm chart using the trivy action to ensure we don't have
any obvious security vulnerabilities. Unfortuantely, trivy does not do a
great job at detecting a helm chart within a repo, so we need to point
it directly to it.

Closes #90

Signed-off-by: Juan Antonio Osorio [email protected]

@JAORMX JAORMX requested a review from a team as a code owner March 2, 2023 09:17
@codecov
Copy link

codecov bot commented Mar 2, 2023
edited
Loading

Codecov Report

Merging #100 (8ef7052) into main (8a7f54d) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #100   +/-   ##
=======================================
  Coverage   93.92%   93.92%           
=======================================
  Files           7        7           
  Lines        1219     1219           
=======================================
  Hits         1145     1145           
  Misses         58       58           
  Partials       16       16
Flag Coverage Δ
unittests 93.92% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@JAORMX JAORMX force-pushed the helm-chart-scanning branch 2 times, most recently from bf82fe0 to 7b94e95 Compare March 2, 2023 09:27
@JAORMX JAORMX marked this pull request as draft March 2, 2023 09:32
@JAORMX
Copy link
Contributor Author

JAORMX commented Mar 2, 2023

This was marked as draft since trivy is still not detecting the helm chart.

mikemrm
mikemrm previously approved these changes Mar 2, 2023
View reviewed changes
@JAORMX
Scan the helm chart for security issues
4a87a9a 
This scans the helm chart using the trivy action to ensure we don't have
any obvious security vulnerabilities. Unfortuantely, trivy does not do a
great job at detecting a helm chart within a repo, so we need to point
it directly to it.

Closes infratographer#90

Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX
Remove kubeVersion from chart
8ef7052 
This doesn't work well with trivy.

Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX JAORMX marked this pull request as ready for review March 17, 2023 10:22
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mikemrm mikemrm mikemrm left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Helm chart security scanning
2 participants
@JAORMX @mikemrm