feat(container-image-scan) - implement container image scan in GHA CI #352

@abhisheksr01

Description

Implement container image scan in GHA CI.

Use Case

To ensure the container image usage is secure.

Proposed Solution

  • Use Trivy Marketplace action for scanning container image before publishing the image in docker-build-push job.
  • If image is vulnerable then they do publish the image.
  • If image is vulnerable and exception is granted then the image should be published.

Benefits

  • Shift left
  • Secure usage of container images
  • Improved security posture

Example:

  • Provide examples of how the feature will work or how it will be used, if possible.

Additional Information

https://github.com/marketplace/actions/aqua-security-trivy
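A sketch of the proposed gate, added here as an example and not taken from this repository's workflow: the `docker-build-push` job builds the image locally, scans it with the Trivy action, and reaches the push step only if the scan step passes. The image name, registry, secret names and the use of a `.trivyignore` file to record granted exceptions are assumptions.

```yaml
# Added example, not the repository's workflow.
# Image name, registry and secret names are assumptions.
name: ci
on:
  push:
    branches: [main]

jobs:
  docker-build-push:
    runs-on: ubuntu-latest
    env:
      IMAGE: docker.io/example-org/example-app:${{ github.sha }}  # assumed name
    steps:
      - uses: actions/checkout@v4

      # Build into the local Docker daemon only; nothing is pushed yet.
      - name: Build image
        uses: docker/build-push-action@v6
        with:
          context: .
          load: true
          push: false
          tags: ${{ env.IMAGE }}

      # Gate: a non-zero exit code fails the job, so later steps never run.
      - name: Scan image with Trivy
        uses: aquasecurity/trivy-action@master  # pin to a reviewed release or commit SHA
        with:
          image-ref: ${{ env.IMAGE }}
          format: table
          exit-code: '1'
          severity: CRITICAL,HIGH
          ignore-unfixed: true
          # Granted exceptions: one vulnerability ID per line, changed only via reviewed PRs.
          trivyignores: .trivyignore

      - name: Log in to registry
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # Reached only when the scan step passed.
      - name: Push image
        run: docker push "$IMAGE"
```

Keeping the exception list in a tracked file means every granted exception shows up in code review and in the commit history.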

Labels: enhancement (New feature or request), security-devsecops (Security features to improve the security posture and implement DevSecOps)
