Closed
Issue created Dec 13, 2021 by Krishna Nikhil Vedurumudi (@krveduru, Reporter)

Vulnerability Periodic Scans and Processes

Create a process where the team can proactively catch vulnerabilities such that no surprises come when a build is needed. A periodic job that would run nightly to scan the containers.

Include all the containers that are used in the OSDU system - airflow, java, python under the same process. Create templates in the CI-CD project such that the pipelines can be reused.

Send an email notification to an email group in case of pipeline errors such that the team is alerted to the new vulnerability that is detected.

Make sure the build fails if any vulnerabilities are detected.

Tasks:

  • Create a distribution list for pipeline failure notifications.
  • Create a reusable pipeline that periodically scans build images. (nightly?)
  • Send email to the above DL only in case of failures.
  • Make sure the build fails if vulnerabilities are detected.
  • Include all the containers that are used in the OSDU system - airflow, java, python, terraform under the same process.
Edited Feb 14, 2022 by Arturo Hernandez [EPAM]