automate airflow docker image containerize and include steps to vulnerability scanning (!35) · Merge requests · OSDU Software / OSDU Data Platform / Deployment and Operations / base-containers-azure / Airflow Docker Image · GitLab

shivani karipe requested to merge az/sk-vulnerability-scanning into main Sep 26, 2023

Old Approach:

for every release, we create the docker image in our local
The generated image is pushed to the ACR manually

New Approach:

Upon triggering the pipeline, the script will fetch the latest package for that release and will be used by docker image to install the packages
This will be automatically pushed to ACR
tested with tag using 214095

included gitlab-ultimate.yml to cover the issue https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/158

Edited Sep 27, 2023 by shivani karipe