
Enable all severities on the Trivy daily report #614

Merged

Conversation

Contributor

@caponetto caponetto commented Jul 11, 2024

Description

Given that not only HIGH and CRITICAL issues are worked on, let's enable all types of severity for the daily report too. This way, we can compare when a new PR that fixes an issue is opened (see this discussion).

How Has This Been Tested?

Tested locally. The default is all severities if you don't provide the --severity option.

Merge criteria:

  • The commits are squashed in a cohesive manner and have meaningful messages.
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has manually tested the changes and verified that the changes work

@jiridanek
Member

I'm imagining that the way to work with this is to first create a PR without the fix, add the label, trigger Trivy by making a dummy change in the files where I intend to make the fix, wait for the Trivy results, then add the fix, and then compare that what I meant to fix has disappeared from the Trivy output.

@caponetto
Contributor Author

> I'm imagining that the way to work with this is to first create a PR without the fix, add the label, trigger Trivy by making a dummy change in the files where I intend to make the fix, wait for the Trivy results, then add the fix, and then compare that what I meant to fix has disappeared from the Trivy output.

You don't need to create a PR without the fix. You can compare the report from the PR that fixes the issue with the latest daily report.

@jiridanek
Member

> You don't need to create a PR without the fix. You can compare the report from the PR that fixes the issue with the latest daily report.

The daily report runs with SEVERITY_OPTION="--severity CRITICAL,HIGH", so if I'm fixing something less severe, I won't have it there.

@caponetto
Contributor Author

> > You don't need to create a PR without the fix. You can compare the report from the PR that fixes the issue with the latest daily report.
>
> The daily report runs with SEVERITY_OPTION="--severity CRITICAL,HIGH", so if I'm fixing something less severe, I won't have it there.

This is exactly what this PR is about 😃
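The workflow discussed above (diff the latest daily Trivy report against the report from the PR that claims to fix a finding) only works when the baseline was scanned with the same severity filter as the PR run. The script below is an added example, not code from the opendatahub-io repository or from Trivy. It reads the JSON shape Trivy emits (`SchemaVersion` 2, `Results[].Vulnerabilities[]` with `VulnerabilityID`, `PkgName`, `Severity`), mimics the `--severity` default (all severities when the option is absent), and shows why a `--severity CRITICAL,HIGH` baseline both hides a MEDIUM fix and reports an untouched LOW finding as a regression. The two embedded reports, the image name and the CVE identifiers are constructed placeholders, not real vulnerabilities.

```python
"""Diff two Trivy JSON reports to see which findings a PR fixed or introduced.

Added example for the PR discussion; it is not the project's own tooling.
Report layout follows Trivy's JSON format (SchemaVersion 2). The sample data
below is constructed: the image, packages and CVE IDs are placeholders.
"""
import json

# Trivy's full severity set; scanning without --severity reports all of them.
ALL_SEVERITIES = ("UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL")


def parse_severity_option(option=""):
    """Turn a SEVERITY_OPTION string into the set of severities it keeps.

    An empty option means Trivy's default, i.e. every severity.
    Accepts both "--severity A,B" and "--severity=A,B".
    """
    option = option.strip()
    if not option:
        return set(ALL_SEVERITIES)
    for prefix in ("--severity=", "--severity "):
        if option.startswith(prefix):
            levels = option[len(prefix):]
            break
    else:
        raise ValueError(f"unrecognised severity option: {option!r}")
    chosen = {s.strip().upper() for s in levels.split(",") if s.strip()}
    unknown = chosen - set(ALL_SEVERITIES)
    if unknown:
        raise ValueError(f"unknown severities: {sorted(unknown)}")
    return chosen


def findings(report, severities):
    """Return the set of (target, vulnerability id, package) tuples at the given severities."""
    found = set()
    for result in report.get("Results", []):
        target = result.get("Target", "")
        # Trivy omits "Vulnerabilities" (or sets it to null) when a target is clean.
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity", "UNKNOWN").upper() in severities:
                found.add((target, vuln["VulnerabilityID"], vuln["PkgName"]))
    return found


def compare(baseline, candidate, baseline_option="", candidate_option=""):
    """Return (fixed, introduced): findings only in the baseline, and only in the candidate.

    Each report is paired with the SEVERITY_OPTION it was produced with, so a
    filtered baseline is compared on exactly the severities it can contain.
    """
    before = findings(baseline, parse_severity_option(baseline_option))
    after = findings(candidate, parse_severity_option(candidate_option))
    return sorted(before - after), sorted(after - before)


def load_report(path):
    """Load a Trivy JSON report written with `trivy ... --format json -o <path>`."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


# Constructed sample: yesterday's daily scan of a placeholder image.
DAILY_REPORT = {
    "SchemaVersion": 2,
    "Results": [{
        "Target": "example-image (debian 12)", "Class": "os-pkgs", "Type": "debian",
        "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libfoo",
             "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libbar",
             "InstalledVersion": "2.3-1", "FixedVersion": "2.3-2", "Severity": "MEDIUM"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libbaz",
             "InstalledVersion": "0.9-1", "FixedVersion": "", "Severity": "LOW"},
        ],
    }],
}

# Constructed sample: the PR's scan after bumping libbar to 2.3-2 (the MEDIUM fix).
PR_REPORT = {
    "SchemaVersion": 2,
    "Results": [{
        "Target": "example-image (debian 12)", "Class": "os-pkgs", "Type": "debian",
        "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libfoo",
             "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libbaz",
             "InstalledVersion": "0.9-1", "FixedVersion": "", "Severity": "LOW"},
        ],
    }],
}


if __name__ == "__main__":
    for option in ("--severity CRITICAL,HIGH", ""):
        fixed, introduced = compare(DAILY_REPORT, PR_REPORT, baseline_option=option)
        print(f"baseline SEVERITY_OPTION={option!r}: fixed={fixed} introduced={introduced}")
```

With the CRITICAL,HIGH baseline the MEDIUM fix does not show up as fixed, and the LOW finding that was never touched is reported as introduced, because the baseline could not have contained it. With the baseline scanned at all severities the diff is exactly the one fix and nothing spurious. If the PR job itself is filtered, pass its option as `candidate_option`; both reports should be produced with the same filter for the diff to be meaningful.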

Contributor

openshift-ci bot commented Jul 11, 2024

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: jiridanek, jstourac


@openshift-merge-bot openshift-merge-bot bot merged commit 832677a into opendatahub-io:main Jul 11, 2024
6 checks passed