Skip to content

Support allowed vulnerabilities in Trivy #989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 27, 2024
Merged

Support allowed vulnerabilities in Trivy #989

merged 3 commits into from
Jun 27, 2024

Conversation

assumptionsandg
Copy link
Contributor

@assumptionsandg assumptionsandg commented Mar 14, 2024
edited
Loading

Support allowed vulnerabilities in Trivy per image and globally

@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 3 times, most recently from a4c3a6c to 6f3a734 Compare March 14, 2024 14:21
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 2 times, most recently from a9649be to 2a4f3f6 Compare March 21, 2024 14:08
@assumptionsandg assumptionsandg marked this pull request as ready for review March 21, 2024 14:48
@assumptionsandg assumptionsandg requested a review from a team as a code owner March 21, 2024 14:48
markgoddard
markgoddard suggested changes Mar 22, 2024
View reviewed changes
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 2 times, most recently from c2c10e5 to 5095224 Compare March 22, 2024 17:46
@assumptionsandg assumptionsandg marked this pull request as draft March 22, 2024 17:51
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 4 times, most recently from 7d4a28f to cd61387 Compare March 27, 2024 12:48
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 3 times, most recently from 627e614 to c646ae7 Compare May 22, 2024 14:57
@assumptionsandg assumptionsandg changed the base branch from stackhpc/yoga to stackhpc/2023.1 May 22, 2024 14:57
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 3 times, most recently from 20e8bdb to dbee350 Compare June 6, 2024 13:38
@assumptionsandg assumptionsandg marked this pull request as ready for review June 6, 2024 13:38
@assumptionsandg assumptionsandg self-assigned this Jun 6, 2024
@assumptionsandg assumptionsandg force-pushed the trivy-allow-lists branch 3 times, most recently from 9ac9f70 to 6d1856c Compare June 7, 2024 09:14
@assumptionsandg assumptionsandg changed the title Support allowed vulnerabilities in trivy per image Support allowed vulnerabilities in Trivy Jun 7, 2024
assumptionsandg and others added 2 commits June 19, 2024 10:10
@assumptionsandg
Support allow lists in Trivy
5714737
@assumptionsandg
Various Trivy whitelist fixes
f65f55b 
Substitute underscore in imagename for consistent formatting in
whitelists file and remove unnecessary return code checking
Alex-Welsh
Alex-Welsh previously approved these changes Jun 21, 2024
View reviewed changes
markgoddard
markgoddard reviewed Jun 27, 2024
View reviewed changes
@assumptionsandg
Remove CVE-2024-36039 from whitelist
8ed7e8a 
Remove CVE-2024-36039 from the Trivy whitelist and move to the
example file setup to illustrate the global_allowed_vulnerabilities
variable can be used to whitelist vulnerabilities in all images.
@markgoddard markgoddard merged commit a794842 into stackhpc/2023.1 Jun 27, 2024
12 checks passed
@markgoddard markgoddard deleted the trivy-allow-lists branch June 27, 2024 14:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@markgoddard markgoddard markgoddard approved these changes

@Alex-Welsh Alex-Welsh Alex-Welsh left review comments

Assignees

@assumptionsandg assumptionsandg

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@assumptionsandg @markgoddard @Alex-Welsh