add trivy scan to docker #4056

Merged: 1 commit, Oct 20, 2023

farodin91
Contributor


Thank you for contributing to JanusGraph!

In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:

For all changes:

  • Is there an issue associated with this PR? Is it referenced in the commit message?
  • Does your PR body contain #xyz where xyz is the issue number you are trying to resolve?
  • Has your PR been rebased against the latest commit within the target branch (typically master)?
  • Is your initial contribution a single, squashed commit?

For code changes:

  • Have you written and/or updated unit tests to verify your changes?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • If applicable, have you updated the LICENSE.txt file, including the main LICENSE.txt file in the root of this repository?
  • If applicable, have you updated the NOTICE.txt file, including the main NOTICE.txt file found in the root of this repository?

For documentation related changes:

  • Have you ensured that format looks appropriate for the output in which it is rendered?

@janusgraph-bot janusgraph-bot added the cla: external Externally-managed CLA label Oct 15, 2023
@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch from eedceeb to e85836b Compare October 15, 2023 13:56
@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@farodin91
Contributor Author

@porunov This adds the last missing part from the janusgraph-docker repo.

@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch 2 times, most recently from aa32268 to cafa13d Compare October 15, 2023 18:58
Member

@porunov porunov left a comment

LGTM. Thank you @farodin91 !

@farodin91 farodin91 added this to the Release v1.0.0 milestone Oct 16, 2023
@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch from cafa13d to af51c99 Compare October 17, 2023 05:16
@porunov
Member

porunov commented Oct 19, 2023

@farodin91 looks like it fails with UserError: Path does not exist: trivy-results.sarif

@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch from af51c99 to 4f42219 Compare October 19, 2023 18:57
@farodin91
Contributor Author

@porunov Thank you. It should be fixed now.

@porunov
Member

porunov commented Oct 19, 2023

> @porunov Thank you. It should be fixed now.

Still the same error. Do you know if this PR is a blocker for the release?

@farodin91
Contributor Author

It's a release blocker.

@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch from 4f42219 to 9d896cc Compare October 20, 2023 05:25
Signed-off-by: Jan Jansen <jan.jansen@gdata.de>
@farodin91 farodin91 force-pushed the add-trivy-scan-to-docker branch from 9d896cc to 012cfce Compare October 20, 2023 07:31
@porunov
Member

porunov commented Oct 20, 2023

@farodin91 Looks like all the tests passed. However, the required job in JanusGraph settings is set for dist-tests (-Pjava-11, 11), but in this PR the name changes to dist-tests (-Pjava-11, 11, -java-11) because of tag_suffix. To merge this PR we need to temporarily disable that setting in JanusGraph Settings > Branches -> master. After that we need to re-base all currently open PRs and then enable that branch protection again.

@porunov
Member

porunov commented Oct 20, 2023

Disabled dist-tests (-Pjava-11, 11) required check

@porunov porunov merged commit ff58c43 into JanusGraph:master Oct 20, 2023
104 checks passed
@farodin91
Contributor Author

@porunov Thank you for merging.

@porunov
Member

porunov commented Oct 20, 2023

> @porunov Thank you for merging.

Thank you for the Docker integration!

@janusgraph-automations

💔 All backports failed

Status Branch Result
v0.6 An unhandled error occurred. Please see the logs for details

Manual backport

To create the backport manually run:

backport --pr 4056

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

Labels
backport/v0.6 cla: external Externally-managed CLA