force ci to fail if trivy fails #829

Merged
merged 2 commits into from
Apr 3, 2025

Conversation

lunika
Member

@lunika lunika commented Mar 31, 2025

Purpose

  • If trivy fails we must stop the CI to avoid publishing images with
    security issues.
  • We use yarn and not npm; we remove npm because it has a dependency on
    cross-spawn, which has a CVE.

Proposal

  • 🔥(ci) force ci to fails if trivy fails
  • 🔥(y-provider) remove npm in docker image
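
A fail-closed gate of the kind the Purpose above calls for, as an added example that is not part of this pull request or the project's CI: it reads a Trivy JSON report and returns a non-zero exit code both when blocking findings are present and when the scanner produced no usable report. The `gate` function, the HIGH/CRITICAL policy and the sample reports (placeholder CVE id and version) are assumptions.

```python
import json
import sys

BLOCKING = frozenset({"HIGH", "CRITICAL"})  # assumed policy, not taken from the PR


def gate(report_text, blocking=BLOCKING):
    """Return (exit_code, reasons) for the text of a Trivy JSON report."""
    try:
        report = json.loads(report_text)
    except (TypeError, ValueError):
        # Missing, empty or truncated report: the scan did not finish.
        return 2, ["no parsable report: scanner failure fails the build"]
    if not isinstance(report, dict) or "SchemaVersion" not in report:
        return 2, ["JSON is not a Trivy report"]
    reasons = []
    # "Results" and "Vulnerabilities" may be absent or null on a clean scan.
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity", "UNKNOWN") in blocking:
                reasons.append("{} {}@{} in {}".format(
                    vuln.get("VulnerabilityID"), vuln.get("PkgName"),
                    vuln.get("InstalledVersion"), result.get("Target")))
    return (1 if reasons else 0), reasons


# Constructed sample reports; the CVE id and version are placeholders.
SAMPLE = json.dumps({
    "SchemaVersion": 2,
    "Results": [{
        "Target": "image (constructed)",
        "Vulnerabilities": [{
            "VulnerabilityID": "CVE-0000-00000",
            "PkgName": "cross-spawn",
            "InstalledVersion": "0.0.0",
            "Severity": "HIGH",
        }],
    }],
})
CLEAN = json.dumps({"SchemaVersion": 2,
                    "Results": [{"Target": "app", "Vulnerabilities": None}]})

if __name__ == "__main__":
    # Assumed CI usage: trivy image --format json IMAGE | python gate.py
    code, reasons = gate(sys.stdin.read())
    print("\n".join(reasons) or "scan clean")
    sys.exit(code)
```

Because the gate's own exit status decides the step, an empty pipe from a crashed scanner stops the job just as a finding does.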

@lunika lunika changed the title Ci/trivy fails force ci to fails if trivy fails Apr 1, 2025
@lunika lunika requested a review from AntoLC April 1, 2025 07:05
@lunika lunika self-assigned this Apr 1, 2025
@lunika lunika added the enhancement New feature or request label Apr 1, 2025
@lunika lunika changed the title force ci to fails if trivy fails force ci to fail if trivy fails Apr 1, 2025
Collaborator

@AntoLC AntoLC left a comment

Nice, I couldn't nail where this error with cross-spawn came from.

@lunika lunika enabled auto-merge (rebase) April 3, 2025 08:13
lunika added 2 commits April 3, 2025 10:28
If trivy fails we must stop the CI to avoid publishing images with
security issues.
We use yarn and not npm; we remove npm because it has a dependency on
cross-spawn, which has a CVE.
@lunika lunika merged commit 771ffdc into main Apr 3, 2025
18 of 20 checks passed
@lunika lunika deleted the ci/trivy-fails branch April 3, 2025 08:41