Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Terrascan GHA workflow #574

Merged
merged 1 commit into from
Aug 26, 2021
Merged

Add Terrascan GHA workflow #574

merged 1 commit into from
Aug 26, 2021

Conversation

ytsarev
Copy link
Member

@ytsarev ytsarev commented Aug 25, 2021

Add https://runterrascan.io/

Signed-off-by: Yury Tsarev [email protected]

kuritka
kuritka requested changes Aug 25, 2021
View reviewed changes
.github/workflows/terrascan.yaml Outdated
uses: actions/checkout@v2
- name: Run Terrascan
id: terrascan
uses: accurics/terrascan-action@main
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is @main branch desired ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kuritka just grabbed it from the example at https://github.com/accurics/terrascan-action, still testing

@kuritka kuritka self-requested a review August 25, 2021 08:16
@ytsarev ytsarev force-pushed the terrascan branch 3 times, most recently from eb1c33b to 27a8b47 Compare August 25, 2021 10:19
kuritka
kuritka previously approved these changes Aug 25, 2021
View reviewed changes
k0da
k0da reviewed Aug 25, 2021
View reviewed changes
.github/workflows/terrascan.yaml
on:
push:
# paths:
# - 'chart/k8gb/**'
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you plan to bring it back?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@k0da yes, testing

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@k0da i will leave it around for a while. Need to get sarif report on master branch so the report will be visible at https://github.com/k8gb-io/k8gb/security/code-scanning

@ytsarev ytsarev force-pushed the terrascan branch 5 times, most recently from f83a5a6 to 357fa7a Compare August 26, 2021 13:23
@ytsarev
Add Terrascan GHA workflow
9da8e7d 
* Add https://runterrascan.io/
* Temporary omit `paths` filter to make it scan the chart
  without chart modification

Signed-off-by: Yury Tsarev <[email protected]>
@ytsarev ytsarev requested review from k0da and kuritka August 26, 2021 13:51
@ytsarev ytsarev merged commit 8654ac6 into master Aug 26, 2021
@ytsarev ytsarev deleted the terrascan branch August 26, 2021 13:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@k0da k0da k0da approved these changes

@donovanmuller donovanmuller Awaiting requested review from donovanmuller donovanmuller is a code owner

@somaritane somaritane Awaiting requested review from somaritane

@kuritka kuritka Awaiting requested review from kuritka kuritka is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ytsarev @k0da @kuritka