Google Cloud Artifact Vulnerability Scans #8552
Labels
Comments
manuel-sommer
added a commit
to manuel-sommer/django-DefectDojo
that referenced
this issue
Jan 16, 2024
mtesauro
pushed a commit
that referenced
this issue
Jan 19, 2024
* ✨ implement google cloud artifact scan, #8552 * fix unittest * docs update
|
This issue can be closed @mtesauro |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Google Artifact Security Scan
Google Cloud has a Artifact Registry that you can enable security scans https://cloud.google.com/artifact-registry/docs/analysis
Once a scan is completed, results can be pulled via API/gcloud https://cloud.google.com/artifact-analysis/docs/metadata-storage and exported to json
gcloud artifacts docker images describe northamerica-northeast1-docker.pkg.dev/test-cloud/testing/testing-image@sha256:decode00000000000000000000000000000000000000000000000deadbeef --show-package-vulnerability --format=jsonSample File
Please attach a sample file and the format of the file (xml, json, csv).
vulns.json.txt
Had to rename ending to .txt but its a json file.
Minor censorship was done on the file, format should be the same but repo/project/image names are faked.
The text was updated successfully, but these errors were encountered: