Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DRAFT] Exclude vulnerabilities by CSV from image scan assesments. #1495

Closed
wants to merge 1 commit into from
Closed

[DRAFT] Exclude vulnerabilities by CSV from image scan assesments. #1495

wants to merge 1 commit into from

Conversation

davido-tigera
Copy link
Contributor

@davido-tigera davido-tigera commented May 23, 2024
edited
Loading

To run locally, do:

  • nvm use stable
  • chmod +x ./scripts/cc-next-preview-config.sh
  • ./scripts/cc-next-preview-config.sh
  • make start

@davido-tigera davido-tigera requested a review from a team as a code owner May 23, 2024 21:08
@netlify Netlify
Copy link

netlify bot commented May 23, 2024
edited
Loading

Deploy Preview for calico-docs-preview-next ready!

Name Link
🔨 Latest commit 17e9a65
🔍 Latest deploy log https://app.netlify.com/sites/calico-docs-preview-next/deploys/6669c5a865260b0008767e4e
😎 Deploy Preview https://deploy-preview-1495--calico-docs-preview-next.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse		 1 paths audited
Performance: 37 (🔴 down 6 from production)
Accessibility: 90 (no change from production)
Best Practices: 83 (no change from production)
SEO: 86 (no change from production)
PWA: -
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

@netlify Netlify
Copy link

netlify bot commented May 23, 2024
edited
Loading

Deploy Preview succeeded!

Built without sensitive environment variables

Name Link
🔨 Latest commit 17e9a65
🔍 Latest deploy log https://app.netlify.com/sites/tigera/deploys/6669c5a8b5bd530008692093
😎 Deploy Preview https://deploy-preview-1495--tigera.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse		 1 paths audited
Performance: 23 (🔴 down 9 from production)
Accessibility: 90 (no change from production)
Best Practices: 75 (no change from production)
SEO: 93 (no change from production)
PWA: -
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

stevegaossou
stevegaossou reviewed May 23, 2024
View reviewed changes
Copy link
Contributor

@stevegaossou stevegaossou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added some initial comments.

I can wait until you and Chris sync up and you get a chance to fill in the rest of it before I do another pass over the PR.

calico-cloud/image-assurance/exceptions.mdx Outdated Show resolved Hide resolved
calico-cloud/image-assurance/exceptions.mdx Outdated Show resolved Hide resolved
calico-cloud/image-assurance/exceptions.mdx Outdated Show resolved Hide resolved
calico-cloud/image-assurance/exceptions.mdx Outdated Show resolved Hide resolved
@davido-tigera davido-tigera force-pushed the image-assurance-csv-exceptions branch from 4f459e8 to 48f4a88 Compare May 24, 2024 18:29
@ctauchen ctauchen added the WIP label Jun 4, 2024
@davido-tigera davido-tigera force-pushed the image-assurance-csv-exceptions branch 3 times, most recently from 5610d82 to d5bcd0b Compare June 4, 2024 22:25
@ctauchen
Copy link
Collaborator

ctauchen commented Jun 7, 2024

@davido-tigera I think the general approach here is sound. I still think the feature is weak where it comes to creating the CSV file. It's not great to have a bunch of tables and explanatory information inside a step procedure. You might consider chunking this more clearly into "Creating your CSV file" and "Uploading the CSV for bulk exceptions".

@stevegaossou will be able to continue with the final reviews and merges. If it merges before I'm back, I'll be sure to look it over and talk to you then if I have any more suggestions.

@davido-tigera davido-tigera force-pushed the image-assurance-csv-exceptions branch from d5bcd0b to 17e9a65 Compare June 12, 2024 15:58
lucastigera
lucastigera reviewed Jun 17, 2024
View reviewed changes
calico-cloud/image-assurance/exceptions.mdx

Upload the formatted CSV:

1. TODO write this
Copy link

@lucastigera lucastigera Jun 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stevegaossou , there is a TODO here. My suggestion:

  1. Go to Image Assurance, Vulnerability Exceptions.
  2. Click on the top-right arrow-shaped button (Upload exceptions).
  3. Follow the instructions provided in the pop-up modal to create the vulnerability exceptions.

@stevegaossou stevegaossou added the [DON'T MERGE] Author wants to postpone the merge label Jun 20, 2024
lucastigera
lucastigera reviewed Jul 2, 2024
View reviewed changes
calico-cloud/image-assurance/exceptions.mdx
4. Open the exported CSV file in your preferred editor.
5. Add two columns: **Justification** and **Scope**.

The **Scope** column can have three values:
Copy link

@lucastigera lucastigera Jul 2, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stevegaossou , a kind reminder to update these values to any, repo and image

@ctauchen ctauchen mentioned this pull request Jul 4, 2024
Merged
@ctauchen
Copy link
Collaborator

ctauchen commented Jul 4, 2024

Closing here, moving changes to #1539.

@ctauchen ctauchen closed this Jul 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevegaossou stevegaossou stevegaossou left review comments

@lucastigera lucastigera lucastigera left review comments

Assignees
No one assigned
Labels
[DON'T MERGE] Author wants to postpone the merge WIP
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@davido-tigera @ctauchen @stevegaossou @lucastigera