Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs(devcontainer): add trivy and its VSCode Extension #2650

Closed
petermetz opened this issue Aug 31, 2023 · 1 comment · Fixed by #3307 or ashnashahgrover/cacti#1
Closed

docs(devcontainer): add trivy and its VSCode Extension #2650

petermetz opened this issue Aug 31, 2023 · 1 comment · Fixed by #3307 or ashnashahgrover/cacti#1
Assignees
@ashnashahgrover
Labels
Developer_Experience documentation Improvements or additions to documentation good-first-issue Good for newcomers good-first-issue-100-introductory P3 Priority 3: Medium Security Related to existing or potential security vulnerabilities
Milestone
v2.1.0

Comments

@petermetz
Copy link
Member

Description

As a contributor I want to have a way to conveniently run a trivy security scan on my branches locally so that I'm getting much faster feedback about checks that will fail on the CI (we ran trivy checks for container scanning)

https://github.com/aquasecurity/trivy-vscode-extension

Acceptance Criteria

  1. The dev container image is updated so that it ships with the trivy binary
  2. The dev container configuration file is updated so that the VSCode extension is part of the recommended extensions: https://marketplace.visualstudio.com/items?itemName=AquaSecurityOfficial.trivy-vulnerability-scanner ( AquaSecurityOfficial.trivy-vulnerability-scanner)
  3. The .vscode/extensions.json file is also updated so that the scanner is part of the extensions there as well
@petermetz petermetz added this to the v2.1.0 milestone Aug 31, 2023
@petermetz petermetz self-assigned this Aug 31, 2023
@petermetz petermetz added documentation Improvements or additions to documentation Developer_Experience Security Related to existing or potential security vulnerabilities labels Aug 31, 2023
@ashnashahgrover
Copy link
Contributor

Working on this task.

This was referenced Jun 11, 2024
Closed
Merged
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jun 11, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
f5ce721 
Primary Changes
1) updated trivy verion in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file
4) Updated node version so Dev container builds properly

Fixes hyperledger#2650
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jun 11, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
499fef9 
Primary Changes
1) updated trivy verion in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file
4) Updated node version so Dev container builds properly

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
@ashnashahgrover ashnashahgrover mentioned this issue Jun 11, 2024
Merged
5 tasks
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jun 13, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
b9203b6 
Primary Changes
1) updated trivy verion in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file
4) Updated node version so Dev container builds properly

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jul 15, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
52d56f4 
Primary Changes
1) updated trivy verion in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jul 22, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
082dcec 
Primary Changes
1) updated trivy version in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jul 22, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
86a0c08 
Primary Changes
1) updated trivy version in the .devcontainer file and
included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension
2) updated trivy version in ci.yaml
3) included AquaSecurityOfficial.trivy-vulnerability-scanner
vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jul 23, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
3a9d66a 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension
2) updated trivy version in ci.yaml
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Jul 23, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
8a99b95 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension
2) updated trivy version in ci.yaml

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Aug 5, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
bbca40d 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension
2) updated trivy version in ci.yaml

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Aug 11, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
0863051 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension
2) updated trivy version in ci.yaml

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Aug 14, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
8253bb4 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension
2) updated trivy version in ci.yaml

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Aug 26, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
3d5f5c4 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
ashnashahgrover added a commit to ashnashahgrover/cacti that referenced this issue Aug 26, 2024
@ashnashahgrover
docs(devcontainer): add trivy and its VSCode Extension
6e860d9 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
petermetz pushed a commit to ashnashahgrover/cacti that referenced this issue Sep 16, 2024
@ashnashahgrover @petermetz
docs(devcontainer): add trivy and its VSCode Extension
2d55d1c 
Primary Changes
1) updated trivy version in the .devcontainer file and included trivy vs-code extension

Changes required to incorporate 1)
3) included trivy vs-code extension in the .vscode/extensions.json file

Fixes hyperledger#2650

Signed-off-by: ashnashahgrover <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ashnashahgrover ashnashahgrover

Labels
Developer_Experience documentation Improvements or additions to documentation good-first-issue Good for newcomers good-first-issue-100-introductory P3 Priority 3: Medium Security Related to existing or potential security vulnerabilities
Projects
Cacti_Scrum_Project_v2_Release
Status: Done
Milestone
v2.1.0
2 participants
@petermetz @ashnashahgrover