-
Notifications
You must be signed in to change notification settings - Fork 831
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2251 from axsaucedo/jenkins_x_snyk_security
Jenkins x snyk security checks
- Loading branch information
Showing
2 changed files
with
69 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| # Security Policy | ||
|
|
||
| This document provides an overview of the security policy of Seldon Core. | ||
|
|
||
| Seldon Core aims to follow the two following policies: | ||
|
|
||
| * Keep dependencies up to date | ||
| * Identify and address common vulnerabilities and exposures | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| The versions that support this Security policies are the following | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | >= 1.2.2 | :white_check_mark: | | ||
| | < 1.2.2 | :x: | | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| If you identify a vulnerability the best way to report it is by opening an issue with the type "bug". The discussion can then take place there on next steps (ie updating library, reaching out to 3rd party projects, etc). | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| buildPack: none | ||
| pipelineConfig: | ||
| pipelines: | ||
| pullRequest: | ||
| pipeline: | ||
| agent: | ||
| image: snyk/snyk:golang | ||
| env: | ||
| - name: SNYK_TOKEN | ||
| valueFrom: | ||
| secretKeyRef: | ||
| name: snyk-token | ||
| key: token | ||
| stages: | ||
| - name: pr-build-comment | ||
| steps: | ||
| - agent: | ||
| image: gcr.io/jenkinsxio/builder-go:2.0.916-264 | ||
| dir: ci | ||
| sh: "./add-pr-build-comment" | ||
| - name: run-security-tests | ||
| parallel: | ||
| - name: run-operator-tests | ||
| steps: | ||
| - agent: | ||
| image: snyk/snyk:golang | ||
| dir: operator | ||
| command: snyk | ||
| args: | ||
| - test | ||
| - --all-projects | ||
| - name: run-executor-tests | ||
| steps: | ||
| - agent: | ||
| image: snyk/snyk:golang | ||
| dir: executor | ||
| command: snyk | ||
| args: | ||
| - test | ||
| - --all-projects | ||
| - name: run-python-tests | ||
| steps: | ||
| - agent: | ||
| image: snyk/snyk:python-3.7 | ||
| dir: python | ||
| sh: "pip install -r requirements.txt && snyk test" | ||
|
|