-
Notifications
You must be signed in to change notification settings - Fork 441
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automatically and Regularly security scanning for container images #2095
Comments
Thanks for creating this @tenzen-y! I think we should include this issue in the ROADMAP. |
@andreyvelich Thanks for letting me know!
Does that mean we must work on this until tomorrow? |
No, we don't have hard requirements to scan all images before the release. |
Ah, I see. Sounds good. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
/lifecycle frozen |
@difince wants to work on that as part of the security working group. We already did scans for 1.7 and want to automate it for 1.9 |
/kind feature
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
Currently, we manually scan container images to resolve security issues just before we release the new version of katib.
Although, this is inefficient, and we should scan container images regularly, not only just before releasing.
It might be better to run OSS tools for security scanning like the following on the GitHub Actions:
docker scan
(internally Snyk)ref: #2094
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Love this feature? Give it a 👍 We prioritize the features with the most 👍
The text was updated successfully, but these errors were encountered: