Skip to content

automate airflow docker image containerize and include steps to vulnerability scanning

shivani karipe requested to merge az/sk-vulnerability-scanning into main

Old Approach:

  • for every release, we create the docker image in our local
  • The generated image is pushed to the ACR manually

New Approach:

  • Upon triggering the pipeline, the script will fetch the latest package for that release and will be used by docker image to install the packages
  • This will be automatically pushed to ACR
  • tested with tag using 214095

included gitlab-ultimate.yml to cover the issue https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/158

Edited by shivani karipe

Merge request reports

Loading