Skip to content

Commit

Permalink
[DSEC-718][trivy] Add Trivy action (#313)
Browse files Browse the repository at this point in the history 
* [trivy] Add Trivy action

* [trivy] Change context

* Update requirements.txt

* Add trivy

* Trivy action

---------

Co-authored-by: dsp-fieldeng-bot <[email protected]>
  • Loading branch information
@zbedo
zbedo and dsp-fieldeng-bot authored Oct 2, 2023
1 parent 86c5823 commit 4dd3ede
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 6 deletions.
14 changes: 14 additions & 0 deletions .github/workflows/trivy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: dsp-appsec-trivy
on: [pull_request]

jobs:
appsec-trivy:
# Parse Dockerfile and build, scan image if a "blessed" base image is not used
name: DSP AppSec Trivy check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: broadinstitute/dsp-appsec-trivy-action@v1
with:
context: ./orchestration
dockerfile: Dockerfile
12 changes: 6 additions & 6 deletions orchestration/requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,10 @@ dagster==0.12.14
data-repo-client==1.527.0
docstring-parser==0.15; python_version >= "3.9" and python_version < "3.10"
frozenlist==1.4.0; python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.6.0"
google-api-core==2.11.1; python_version >= "3.9" and python_version < "3.10" and (python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10") and (python_version >= "3.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.7")
google-api-core==2.12.0; python_version >= "3.9" and python_version < "3.10" and (python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10") and (python_version >= "3.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.7")
google-api-python-client==1.12.11; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0"
google-auth-httplib2==0.1.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0"
google-auth==2.23.0; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10"
google-auth==2.23.2; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10"
google-cloud-bigquery==2.34.3; python_version >= "3.6" and python_version < "3.11"
google-cloud-core==2.3.3; python_version >= "3.9" and python_version < "3.10" and (python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10")
google-cloud-storage==1.44.0; (python_version >= "2.7" and python_full_version < "3.0.0") or (python_full_version >= "3.6.0")
Expand All @@ -39,14 +39,14 @@ graphql-ws==0.3.1
greenlet==2.0.2; python_version >= "3" and python_full_version < "3.0.0" and (platform_machine == "aarch64" or platform_machine == "ppc64le" or platform_machine == "x86_64" or platform_machine == "amd64" or platform_machine == "AMD64" or platform_machine == "win32" or platform_machine == "WIN32") and (python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.6.0") or python_version >= "3" and (platform_machine == "aarch64" or platform_machine == "ppc64le" or platform_machine == "x86_64" or platform_machine == "amd64" or platform_machine == "AMD64" or platform_machine == "win32" or platform_machine == "WIN32") and (python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.6.0") and python_full_version >= "3.5.0"
grpcio-health-checking==1.48.2; python_version >= "3.9" and python_version < "3.10"
grpcio-status==1.48.2; python_version >= "3.9" and python_version < "3.10"
grpcio==1.58.0; python_version >= "3.9" and python_version < "3.10"
grpcio==1.59.0; python_version >= "3.9" and python_version < "3.10"
hca-import-validation==0.0.17; python_version >= "3.6"
httplib2==0.22.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0"
humanfriendly==10.0; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.5.0"
idna==3.4; python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.6.0"
jinja2==2.11.3; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.5.0"
jsonschema-specifications==2023.7.1; python_version >= "3.8"
jsonschema==4.19.0; python_version >= "3.8"
jsonschema==4.19.1; python_version >= "3.8"
kubernetes==28.1.0; python_version >= "3.6"
mako==1.2.2; python_version >= "3.7"
markupsafe==2.0.1; python_version >= "3.6"
Expand All @@ -56,13 +56,13 @@ numpy==1.26.0; python_version >= "3.9" and python_version < "3.11"
oauth2client==4.1.3
oauthlib==3.2.2; python_version >= "3.6"
packaging==23.1; python_version >= "3.9" and python_version < "3.10"
pandas==2.1.0; python_version >= "3.9"
pandas==2.1.1; python_version >= "3.9"
pendulum==2.1.2; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_version >= "3.9" and python_version < "3.10" and python_full_version >= "3.5.0"
promise==2.3
proto-plus==1.22.3; python_version >= "3.9" and python_version < "3.10"
protobuf==3.20.2; python_version >= "3.7"
psutil==5.9.5; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" and platform_system == "Windows" or python_version >= "3.9" and python_version < "3.10" and platform_system == "Windows" and python_full_version >= "3.4.0"
psycopg2-binary==2.9.7; python_version >= "3.6"
psycopg2-binary==2.9.8; python_version >= "3.6"
pyasn1-modules==0.3.0; python_version >= "3.9" and python_full_version < "3.0.0" and python_version < "3.10" or python_full_version >= "3.6.0" and python_version >= "3.9" and python_version < "3.10"
pyasn1==0.5.0; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4" or python_version >= "3.6" and python_version < "4" and python_full_version >= "3.6.0"
pyparsing==3.1.1; python_full_version >= "3.6.8" and python_version > "3.0"
Expand Down

0 comments on commit 4dd3ede

Please sign in to comment.