Vulnerability Description
The Dockerfile, Kubernetes and Helm configs fail the trivy config scan when it is executed in CI via the marketplace action.
Steps to Reproduce
- Commit a change to the repository
- The GHA CI pipeline runs, and the sast-iac-trivy-hadolint job scans the IaC (Dockerfile, Kubernetes and Helm configs) for security misconfigurations
- The CI execution fails because trivy reports findings of different severities
Impact
The pipeline fails because of the misconfigurations trivy finds in the infrastructure code, which pose a security risk until they are fixed.
Suggested Mitigation or Fix
Fix the Dockerfile, Kubernetes and Helm configs so that the findings from trivy's static infrastructure-code analysis are resolved and the trivy config scan passes in CI.
CVSS Score (Optional):
Available in the CI execution
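The job output referred to above is easier to act on when the trivy JSON report is reduced to a per-severity summary and a clear pass/fail decision. The following script is an added example, not part of the original report or of Trivy itself; it assumes the Results[].Target / Type / Misconfigurations[] layout that trivy config --format json produces, and the sample report embedded in it is constructed for illustration (the check IDs are Trivy's, the findings are not from this CI run).

```python
"""Triage a `trivy config --format json` report in CI: summarise failing checks
by severity and decide whether the gate should fail.

Added example, not the project's own code. Assumes Trivy's config-scan JSON
layout: Results[] with Target/Type and a Misconfigurations[] list per target.
"""
import json
import sys
from collections import Counter

# Trivy severities, lowest to highest; RANK maps a name to its position.
SEVERITY_ORDER = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]
RANK = {name: i for i, name in enumerate(SEVERITY_ORDER)}

# Constructed sample report (illustrative findings, not the page's CI output).
SAMPLE_REPORT = json.dumps({
    "Results": [
        {
            "Target": "Dockerfile", "Class": "config", "Type": "dockerfile",
            "Misconfigurations": [
                {"ID": "DS002", "Severity": "HIGH", "Status": "FAIL",
                 "Title": "Image user should not be 'root'",
                 "Resolution": "Add 'USER <non root user>' line to the Dockerfile"},
                {"ID": "DS026", "Severity": "LOW", "Status": "FAIL",
                 "Title": "No HEALTHCHECK defined",
                 "Resolution": "Add HEALTHCHECK instruction in your Dockerfile"},
            ],
        },
        {
            "Target": "k8s/deployment.yaml", "Class": "config", "Type": "kubernetes",
            "Misconfigurations": [
                {"ID": "KSV012", "Severity": "MEDIUM", "Status": "FAIL",
                 "Title": "Runs as root user",
                 "Resolution": "Set 'containers[].securityContext.runAsNonRoot' to true"},
                # Passed checks appear when non-failures are included; they must be skipped.
                {"ID": "KSV001", "Severity": "MEDIUM", "Status": "PASS",
                 "Title": "Process can elevate its own privileges",
                 "Resolution": "Set 'containers[].securityContext.allowPrivilegeEscalation' to 'false'"},
            ],
        },
        # A clean target carries no Misconfigurations key at all.
        {"Target": "helm/values.yaml", "Class": "config", "Type": "helm"},
    ]
})


def parse_findings(report_json):
    """Flatten the report into one dict per failing check, keeping the file it was found in."""
    report = json.loads(report_json)
    findings = []
    for result in report.get("Results", []):
        for misconf in result.get("Misconfigurations") or []:
            if misconf.get("Status", "FAIL") != "FAIL":
                continue  # only failing checks block the pipeline
            findings.append({
                "target": result.get("Target", "?"),
                "type": result.get("Type", "?"),
                "id": misconf.get("ID", "?"),
                "severity": misconf.get("Severity", "UNKNOWN").upper(),
                "title": misconf.get("Title", ""),
                "resolution": misconf.get("Resolution", ""),
            })
    return findings


def summarize(findings):
    """Count failing checks per severity, the breakdown the CI log shows."""
    return Counter(f["severity"] for f in findings)


def should_fail(findings, threshold="HIGH"):
    """Gate decision: fail the job if any finding is at or above the threshold severity."""
    limit = RANK.get(threshold.upper(), 0)
    return any(RANK.get(f["severity"], 0) >= limit for f in findings)


def render(findings):
    """Human-readable lines for the CI log, most severe first, with Trivy's suggested fix."""
    ordered = sorted(findings, key=lambda f: -RANK.get(f["severity"], 0))
    return "\n".join(
        f"{f['severity']:<8} {f['id']:<8} {f['target']}: {f['title']} -> {f['resolution']}"
        for f in ordered
    )


if __name__ == "__main__":
    # Usage: trivy config --format json --output trivy-config.json . && python triage.py trivy-config.json
    raw = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    found = parse_findings(raw)
    print(render(found))
    print("summary:", dict(summarize(found)))
    sys.exit(1 if should_fail(found, "HIGH") else 0)
```

In the pipeline, the same gate can be expressed without a script: trivy config accepts --severity and --exit-code, and the marketplace action exposes them as the severity and exit-code inputs (with scan-type set to config). The script is useful when the job should still print every finding, including the ones below the threshold, so that the LOW and MEDIUM items are tracked while only HIGH and CRITICAL block the merge.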