added project level vulnerability scan (!7) · Merge requests · OSDU Software / OSDU Data Platform / Deployment and Operations / base-containers-azure / alpine-python3 · GitLab

shivani karipe requested to merge az/sk-vulnerability-scan into master Oct 09, 2023

added vulnerability scan
changed the STEP_1_IMAGE argument default value from alpine:3.17.3 to alpine:3.18 to resolve the image build issues
3.17.3 image also includes some medium level vulnerabilities where as there are no vulnerabilities in 3.18 ( link : alpine: 3.17.3 and alpine:3.18 )

verified with tag build https://community.opengroup.org/osdu/platform/deployment-and-operations/base-containers-azure/alpine-python3/-/pipelines/216381

issue ref : https://community.opengroup.org/osdu/platform/security-and-compliance/home/-/issues/158

Edited Oct 09, 2023 by shivani karipe