Request a Snyk Service Account for Proof of Concept #206

Closed
dims opened this issue Apr 8, 2021 · 15 comments
Labels
sig/architecture Categorizes an issue or PR as relevant to SIG Architecture.

Comments

@dims
Member

dims commented Apr 8, 2021

Context:

Snyk has found a few things for us so far:

We had been talking to Snyk for a while now:

Currently @PushkarJ @navidshaikh and others are looking at possibilities of automating (at least a proof of concept) to see what's possible.

Just to be clear, all this is stuff we would do BEFORE a release. We are not talking about scanning containers here, just a sanity check of dependencies that we pull in.

What's the ask?

  • Request CNCF folks (hi @idvoretskyi !!) to create a Snyk free account and an Org for Kubernetes with those who are doing the proof of concept
  • Then we need to email Snyk folks to add the ability to mint new service accounts which can then be used in CI.

If you all approve, I can open up a service desk ticket with CNCF and get this going.

thanks,
Dims

/area code-organization
/sig architecture

@k8s-ci-robot
Contributor

@dims: The label(s) area/code-organization cannot be applied, because the repository doesn't have them.


@k8s-ci-robot added the sig/architecture label Apr 8, 2021
@dims
Member Author

dims commented Apr 8, 2021

cc @ericsmalling @elson @anthogez

@ericsmalling

FYI - I work on the Snyk DevRel team and am happy to help in any way (or connect people to those who can help)

@nikhita
Member

nikhita commented Apr 9, 2021

+1 (steering hat on)

@liggitt
Member

liggitt commented Apr 9, 2021

+1

@caniszczyk

FYI CNCF/LF have a relationship with Snyk (powers some of our security tools) so we can help if needed, but I think we should be just OK with their normal free offering. I'll let @idvoretskyi steer as he's set up Snyk for other CNCF projects.

@dims
Member Author

dims commented Apr 9, 2021

Thanks @caniszczyk, we will reach out to @idvoretskyi next week to get this going.

@idvoretskyi
Member

/assign

@dims sure, let’s catch up and we’ll sort it out :)

@PushkarJ
Member

Related issue for visibility of fixed CVE info in release notes: kubernetes/release#1354 and PR: kubernetes/release#1996 cc @navidshaikh

@puerco
Member

puerco commented Apr 19, 2021

/cc

@idvoretskyi
Member

The access is granted - is there anything else on this one @dims?

@dims
Member Author

dims commented Apr 21, 2021

all set! thanks @idvoretskyi

@idvoretskyi
Member

/close

we may reopen if needed :)

@k8s-ci-robot
Contributor

@idvoretskyi: Closing this issue.



9 participants