This repository has been archived by the owner on Apr 12, 2023. It is now read-only.

Helm chart security scanning #90

Open
JAORMX opened this issue Feb 27, 2023 · 0 comments · May be fixed by #100

JAORMX commented Feb 27, 2023

We should provide a secure-by-default configuration for the Kubernetes deployment through the Helm chart. To help us achieve this, having simple guidelines provided by automation is ideal.

Let's ensure that we have trivy configuration scanning enabled for the helm chart.

An example is available here: https://github.com/equinixmetal-helm/krakend/blob/main/.github/workflows/scan.yaml

JAORMX linked a pull request Mar 2, 2023 that will close this issue
JAORMX added a commit to JAORMX/fertilesoil that referenced this issue Mar 2, 2023
This scans the helm chart using the trivy action to ensure we don't have
any obvious security vulnerabilities. Unfortunately, trivy does not do a
great job at detecting a helm chart within a repo, so we need to point
it directly to it.

Closes infratographer#90

Signed-off-by: Juan Antonio Osorio <[email protected]>
JAORMX added a commit to JAORMX/fertilesoil that referenced this issue Mar 16, 2023
This scans the helm chart using the trivy action to ensure we don't have
any obvious security vulnerabilities. Unfortunately, trivy does not do a
great job at detecting a helm chart within a repo, so we need to point
it directly to it.

Closes infratographer#90

Signed-off-by: Juan Antonio Osorio <[email protected]>
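
A workflow of the kind the issue and commit message describe, as an added example that is not the project's own workflow or the linked krakend one. The chart path `path/to/chart`, the `main` branch, the job names and the severity threshold are assumptions.

```yaml
# Added example: Trivy configuration (misconfiguration) scan of a Helm chart.
# Placeholders/assumptions: chart path, branch name, severity threshold.
name: Helm chart security scan

on:
  pull_request:
  push:
    branches: [main]          # assumed default branch

# The scan only needs to read the repository contents.
permissions:
  contents: read

jobs:
  trivy-config:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repository
        uses: actions/checkout@v4

      - name: Scan the Helm chart with Trivy
        # Pin to a release tag or commit SHA in a real workflow.
        uses: aquasecurity/trivy-action@master
        with:
          # "config" runs the misconfiguration checks rather than the
          # vulnerability scan of packages or images.
          scan-type: config
          # Point at the chart directory itself (the one holding Chart.yaml),
          # not the repository root, per the commit message above.
          scan-ref: path/to/chart     # placeholder, not the project's path
          hide-progress: true
          format: table
          # Assumed gate: fail the job on HIGH or CRITICAL findings only.
          severity: HIGH,CRITICAL
          exit-code: '1'
```

With `exit-code: '1'` the job fails when a finding at the listed severities is reported, so the check can be made required on pull requests.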