You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As we build out containers for DMP infrastructure we should consider including adding trivy to the build process. This will identify any vulnerabilities before images are published or pushed out.
CDLUC3/mrt-doc#1488 - has some information on how the Merritt team did this for their containers
IAS has a new tool to easily review any known vulnerabilities which are included in their trivy scans. Any containers registered in ECR in all AWS accounts that have a known vulnerability will be listed the tool. We can ask Martin to demo at our next IAS meeting
The text was updated successfully, but these errors were encountered:
As we build out containers for DMP infrastructure we should consider including adding trivy to the build process. This will identify any vulnerabilities before images are published or pushed out.
CDLUC3/mrt-doc#1488 - has some information on how the Merritt team did this for their containers
IAS has a new tool to easily review any known vulnerabilities which are included in their trivy scans. Any containers registered in ECR in all AWS accounts that have a known vulnerability will be listed the tool. We can ask Martin to demo at our next IAS meeting
The text was updated successfully, but these errors were encountered: