Skip to content
Branch: master
Find file History
johnma14 and istio-testing Enable vulnerability scanning for Istio docker images (#14363)
Currently we build and push docker images for Istio components and sample apps as
part of our build process. In this PR, we have included a way to enable security
vulnerability scanning of these images using IBM's image scanning tool - ImageScanner
(imagescanner.cloud.ibm.com). The results of the image scans are put under a new folder
'vulnerability_scan_results' which will be available to view later.

Fixes Bug: #13262
Latest commit 5fcdb82 Jun 25, 2019

README.md

Bookinfo Sample

See https://istio.io/docs/examples/bookinfo/

Build docker images without pushing

src/build-services.sh <version>

The bookinfo versions are different from Istio versions since the sample should work with any version of Istio.

Update docker images in the yaml files

sed -i "s/\(istio\/examples-bookinfo-.*\):[[:digit:]]\.[[:digit:]]\.[[:digit:]]/<your docker image with tag>/g" */bookinfo*.yaml

Push docker images to docker hub

One script to build the docker images, push them to docker hub and to update the yaml files

build_push_update_images.sh <version>

Tests

Bookinfo is tested by e2e smoke test on every PR. The Bookinfo e2e test is in tests/e2e/tests/bookinfo, make target e2e_bookinfo.

The reference productpage HTML files are in tests/apps/bookinfo/output. If the productpage HTML produced by the app is changed, remember to regenerate the reference HTML files and commit them with the same PR.

You can’t perform that action at this time.