-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scan docker images for vulnerabilities #3392
Conversation
4353bf6
to
7588cf5
Compare
@EnricoMi For this error: https://github.com/horovod/horovod/runs/5019456769?check_suite_focus=true#step:8:21
Just add a step to remove dotnet for example (~23G): docker/build-push-action#321 (comment) -
name: Remove dotnet
run: sudo rm -rf /usr/share/dotnet
-
name: Scan for vulnerabilities
id: scan
uses: crazy-max/ghaction-container-scan@v1
with:
image: horovod/${{ matrix.docker-image }}:latest
dockerfile: ./docker/${{ matrix.docker-image }}/Dockerfile
env:
TRIVY_TIMEOUT: 60m Edit: added a note about that: https://github.com/crazy-max/ghaction-container-scan#failed-to-copy-the-image-write-tmpfanal-2740541230-no-space-left-on-device |
Thanks, I am already deleting it, among others:
Otherwise I would not be able to build the image in the first place. Now, the scanning needs more disk space, which I am currently trying to find more directories to delete. Thanks for looking into this, though! |
7588cf5
to
4ca18dd
Compare
Little remark @crazy-max, Other paths:
|
cf16f55
to
42e4955
Compare
Unit Test Results (with flaky tests) 912 files - 8 912 suites - 8 9h 57m 34s ⏱️ - 27m 26s For more details on these failures, see this check. Results for commit 3a812bb. ± Comparison against base commit 2df6e1e. ♻️ This comment has been updated with latest results. |
e0f66aa
to
4a88b79
Compare
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
4a88b79
to
5161ada
Compare
Signed-off-by: Enrico Minack <github@enrico.minack.dev>
5161ada
to
3a812bb
Compare
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
This scans our to-be-released docker images for vulnerabilities. Results are reported to GitHub Security.