
[release-0.12] 🌱 Add weekly security scan using govulncheck and Trivy #2543

k8s-infra-cherrypick-robot

This is an automated cherry-pick of #2536

/assign lentzi90

/cherrypick release-0.11 release-0.10

This is all based on how CAPI does the same.

Signed-off-by: Lennart Jern <[email protected]>

netlify bot commented May 12, 2025

Deploy Preview for kubernetes-sigs-cluster-api-openstack ready!

Name Link
🔨 Latest commit 7f36233
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-sigs-cluster-api-openstack/deploys/6821d78416fb4c0008fdc53a
😎 Deploy Preview https://deploy-preview-2543--kubernetes-sigs-cluster-api-openstack.netlify.app

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label May 12, 2025
Contributor

@lentzi90 lentzi90 left a comment

Note: The workflow isn't really needed on the release branches, but the scripts and make targets are.
You can see the workflow passing on main and failing on the release branches here: https://github.com/kubernetes-sigs/cluster-api-provider-openstack/actions/runs/14968561618
/approve

@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lentzi90

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 12, 2025
@EmilienM
Contributor

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 12, 2025
@k8s-ci-robot k8s-ci-robot merged commit 547b729 into kubernetes-sigs:release-0.12 May 12, 2025
9 checks passed
@github-project-automation github-project-automation bot moved this from Inbox to Done in CAPO Roadmap May 12, 2025
@k8s-infra-cherrypick-robot
Author

@k8s-infra-cherrypick-robot: #2543 failed to apply on top of branch "release-0.11":

Applying: Add weekly security scan using govulncheck and trivy
Using index info to reconstruct a base tree...
M	Makefile
Falling back to patching base and 3-way merge...
Auto-merging Makefile
CONFLICT (content): Merge conflict in Makefile
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 Add weekly security scan using govulncheck and trivy

Labels
approved: Indicates a PR has been approved by an approver from all required OWNERS files.
cncf-cla: yes: Indicates the PR's author has signed the CNCF CLA.
lgtm: "Looks good to me", indicates that a PR is ready to be merged.
size/L: Denotes a PR that changes 100-499 lines, ignoring generated files.