Skip to content

Commit 372af8c

Browse files
Nik08Copilot
andcommitted
CHEF-33010 Added grype scan config
Signed-off-by: Nikita Mathur <nikita.mathur@progress.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent f711e27 commit 372af8c

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

.github/workflows/ci-main-pull-request-stub-1.0.8.yml renamed to .github/workflows/ci-main-pull-request-stub.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,11 @@ jobs:
106106
perform-language-linting: true # Perform language-specific linting and pre-compilation checks
107107
perform-trufflehog-scan: true
108108
perform-trivy-scan: true
109+
110+
# grype vulnerability scanning
111+
perform-grype-scan: true
112+
grype-fail-on-high: true
113+
grype-fail-on-critical: true
109114

110115
# perform application build and unit testing, will use custom repository properties when implemented for chef-primary-application, chef-build-profile, and chef-build-language
111116
build: true

0 commit comments

Comments
 (0)