8000 e2e workflow update by romdalf · Pull Request #67 · ondat/trousseau · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

e2e workflow update #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 12, 2022
Merged

e2e workflow update #67

merged 3 commits into from
Apr 12, 2022

Conversation

romdalf
Copy link
Collaborator
@romdalf romdalf commented Apr 12, 2022

bumping the actions version
adding trivy within e2e workflow
remonving trivy from PR trigger

@romdalf
bumping the actions version
a56e9fd 
adding trivy within e2e workflow
remonving trivy from PR trigger
@romdalf romdalf added the enhancement New feature or request label Apr 12, 2022
@romdalf romdalf requested review from mhmxs and cannischan April 12, 2022 13:51
mhmxs
mhmxs reviewed Apr 12, 2022
View reviewed changes
.github/workflows/trivy.yml Outdated
@@ -25,7 +23,7 @@ jobs:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
with:
image-ref: ghcr.io/ondat/trousseau:${{ github.sha }}'
image-ref: ghcr.io/ondat/trousseau:latest'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please describe why latest is the best to use here?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I modified the trivy.yml for ondemand only as there is a dedicated definition for the e2e and I pointed to latest for that purpose.
Would you put instead?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing special, i just feel cold using latest, because some systems always pulls the latest from the repo

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since we have the trivy vulnerability scanning done for every PR, we can potentially remove this ondemand scan

mhmxs
mhmxs previously approved these changes Apr 12, 2022
View reviewed changes
@romdalf romdalf merged commit d2e9709 into main Apr 12, 2022
@romdalf romdalf deleted the e2e-workflow branch April 12, 2022 15:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhmxs mhmxs mhmxs approved these changes

@cannischan cannischan Awaiting requested review from cannischan

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@romdalf @mhmxs
0