Skip to content

Commit

Permalink
chore: update repo semaphore config
Browse files Browse the repository at this point in the history
  • Loading branch information
ConfluentSemaphore committed Nov 10, 2024
1 parent dae32f2 commit 376c593
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion .semaphore/semaphore.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,13 @@ blocks:
commands:
- . sem-pint
- mvn -Dcloud -Pjenkins -U -Dmaven.wagon.http.retryHandler.count=10 --batch-mode --no-transfer-progress clean verify install dependency:analyze validate
- cve-scan
- export TRIVY_DISABLE_VEX_NOTICE=true
- trivy version
- echo "Check go/connector-dev-vuln-remediation for fixing or suppressing vulnerabilities found by trivy"
- trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed --ignorefile
.trivyignore --exit-code 1 --severity CRITICAL target/components/packages
- trivy --skip-files "*.zip" rootfs --scanners vuln --db-repository public.ecr.aws/aquasecurity/trivy-db --java-db-repository public.ecr.aws/aquasecurity/trivy-java-db --ignore-unfixed --ignorefile
.trivyignore --severity HIGH,LOW,MEDIUM target/components/packages
- . cache-maven store
epilogue:
always:
Expand Down

0 comments on commit 376c593

Please sign in to comment.