[govulncheck] Periodic Prow Job for govulncheck
#100
Labels
area/dependency
Issues or PRs related to dependency changes
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
sig/architecture
Categorizes an issue or PR as relevant to SIG Architecture.
sig/release
Categorizes an issue or PR as relevant to SIG Release.
sig/security
Categorizes an issue or PR as relevant to SIG Security.
Projects
Description
Run
govulncheck
periodically in default modesymbol
level on https://github.com/kubernetes/kubernetes for:master
branch i.e. HEADstable-version
prev-stable-minor-version
oldest-stable-minor-version
This will allow to get a sense of new vulnerabilities identified and help facilitate decision on cherry picks
Implementation Details
Create a new yaml file here: https://github.com/kubernetes/test-infra/tree/0e5705d1a7cfe4c0ba8e2518a15c26f8ebc1b66d/config/jobs/kubernetes/sig-security named as govulncheck-periodic.yaml that looks something like this:
Tips and Caveats
Parent
#95
Backport PRs
kubernetes/kubernetes#124750
kubernetes/kubernetes#124751
Links to Release branches script
https://github.com/kubernetes/kubernetes/blob/release-1.29/hack/verify-govulncheck.sh
https://github.com/kubernetes/kubernetes/blob/release-1.30/hack/verify-govulncheck.sh
The text was updated successfully, but these errors were encountered: