Skip to content

chore: add trivy cve scan and fix workflow#266

Merged
google-oss-prow[bot] merged 3 commits intokubeflow:mainfrom
Fiona-Waters:cve-workflow
Feb 5, 2026
Merged

chore: add trivy cve scan and fix workflow#266
google-oss-prow[bot] merged 3 commits intokubeflow:mainfrom
Fiona-Waters:cve-workflow

Conversation

@Fiona-Waters
Copy link
Copy Markdown
Contributor

@Fiona-Waters Fiona-Waters commented Feb 5, 2026

What this PR does / why we need it:

This PR adds a workflow file that uses trivy for CVE scanning. The workflow will also open a PR on the repo with a fix for any CVEs with CVSS of 7.0 or higher that have fixes available. It runs nightly.

Which issue(s) this PR fixes (optional, in Fixes #<issue number>, #<issue number>, ... format, will close the issue(s) when PR gets merged):

Fixes #

Checklist:

  • Docs included if any changes are user facing

@Fiona-Waters
chore: add trivy cve scan workflow
4b116c5 
Signed-off-by: Fiona-Waters <fiwaters6@gmail.com>
@coveralls
Copy link
Copy Markdown

coveralls commented Feb 5, 2026
edited
Loading

Pull Request Test Coverage Report for Build 21719809581

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 67.52%
Totals Coverage Status
Change from base Build 21637340746: 0.0%
Covered Lines: 2769
Relevant Lines: 4101
💛 - Coveralls

andreyvelich
andreyvelich reviewed Feb 5, 2026
View reviewed changes
@Fiona-Waters
fix: add security label and report non fixable cves to github
2ec2882 
Signed-off-by: Fiona-Waters <fiwaters6@gmail.com>
@google-oss-prow google-oss-prow bot added size/L and removed size/M labels Feb 5, 2026
@Fiona-Waters Fiona-Waters marked this pull request as ready for review February 5, 2026 16:16
@google-oss-prow google-oss-prow bot requested a review from astefanutti February 5, 2026 16:16
andreyvelich
andreyvelich reviewed Feb 5, 2026
View reviewed changes
@Fiona-Waters
fix: add category and remove unnecessary label
a6645ad 
Signed-off-by: Fiona-Waters <fiwaters6@gmail.com>
@google-oss-prow google-oss-prow bot added size/M and removed size/L labels Feb 5, 2026
andreyvelich
andreyvelich reviewed Feb 5, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@andreyvelich andreyvelich left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve
Thanks @Fiona-Waters!

@google-oss-prow google-oss-prow bot added the lgtm label Feb 5, 2026
@google-oss-prow
Copy link
Copy Markdown
Contributor

google-oss-prow bot commented Feb 5, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andreyvelich

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow bot merged commit 1fd18b2 into kubeflow:main Feb 5, 2026
14 of 16 checks passed
@google-oss-prow google-oss-prow bot added this to the v0.4 milestone Feb 5, 2026
@Fiona-Waters Fiona-Waters mentioned this pull request Feb 6, 2026
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andreyvelich andreyvelich andreyvelich left review comments

@Electronic-Waste Electronic-Waste Awaiting requested review from Electronic-Waste

@kramaranya kramaranya Awaiting requested review from kramaranya

@szaher szaher Awaiting requested review from szaher

@astefanutti astefanutti Awaiting requested review from astefanutti

Assignees

@andreyvelich andreyvelich

Labels

approved lgtm size/M

Projects

None yet

Milestone

v0.4

Development

Successfully merging this pull request may close these issues.

3 participants

@Fiona-Waters @coveralls @andreyvelich