Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Review ACS reports for OrgBook BC namespace #188

Open
WadeBarnes opened this issue May 22, 2024 · 4 comments
Open

Review ACS reports for OrgBook BC namespace #188

WadeBarnes opened this issue May 22, 2024 · 4 comments
Assignees
@WadeBarnes

Comments

@WadeBarnes
Copy link
Member

We received a request from the security folks to review the ACS reports for the OrgBook BC namespace. They'd like us to respond with a remediation plan by Thursday May 23rd.
@WadeBarnes WadeBarnes self-assigned this May 22, 2024
@WadeBarnes WadeBarnes converted this from a draft issue May 22, 2024
@WadeBarnes
Copy link
Member Author

I've addressed the concerns with the search-engine and api images by rebuilding with updated base images. The api build also includes the changes in bcgov/aries-vcr v1.10.1.

ACS is reporting vulnerabilities inconsistently and there are a number of false positives left behind following this work. I've reported it to the Security, Platform, and RedHat folks. It's a huge waste of everyone's time if things are not accurate and consistent.

@WadeBarnes WadeBarnes moved this from Assigned to In Progress in CDT Enterprise Apps May 22, 2024
@WadeBarnes
Copy link
Member Author

This ticket is blocking us from completing the work; bcgov/aries-vcr#766

@swcurran
Copy link
Contributor

ACS?

@WadeBarnes
Copy link
Member Author

RedHat Advanced Cluster Security

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@WadeBarnes WadeBarnes

Labels
None yet
Projects
CDT Enterprise Apps
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
2 participants
@swcurran @WadeBarnes