Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(checks): Schedule automated releases for trivy-checks bundles #7030

Open
simar7 opened this issue Jun 26, 2024 · 3 comments
Open

feat(checks): Schedule automated releases for trivy-checks bundles #7030

simar7 opened this issue Jun 26, 2024 · 3 comments
Assignees
@simar7
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone
v0.60.0

Comments

@simar7
Copy link
Member

simar7 commented Jun 26, 2024
edited
Loading

Today trivy-checks bundles are released manually, usually once a month in time for the next trivy release.

We could automate this process by defining the trigger for a bundle release on time. That way, we could schedule a new bundle release every 24h (as an example).

This automatically generated bundle could use the :canary tag. This would ensure that downstream Trivy users don't automatically pick it up but instead can chose to if they manually specify to do so. For the time being we would still generate a tag each month to cut a new tagged release of the bundle which downstream trivy users can use.

Requires #7029 to be in place as we will need to make sure the automatically released bundles don't cause breakages in any way.
@simar7 simar7 added kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning labels Jun 26, 2024
@simar7 simar7 mentioned this issue Jun 26, 2024
Open
@simar7
Copy link
Member Author

simar7 commented Jun 26, 2024

cc @chen-keinan

@nikpivkin
Copy link
Contributor

Did you mean some other tag for automatically released bundles, not latest? Right now Trivy automatically loads a bundle with the tag latest.

@simar7
Copy link
Member Author

simar7 commented Jul 10, 2024
edited
Loading

Did you mean some other tag for automatically released bundles, not latest? Right now Trivy automatically loads a bundle with the tag latest.

Ah you're right, we should use :canary in that case. Updated.

@simar7 simar7 added this to the v0.58.0 milestone Oct 24, 2024
@simar7 simar7 self-assigned this Oct 24, 2024
@simar7 simar7 modified the milestones: v0.58.0, v0.59.0 Nov 25, 2024
@simar7 simar7 modified the milestones: v0.59.0, v0.60.0 Dec 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Trivy Roadmap
Status: No status
Milestone
v0.60.0
Development

No branches or pull requests
2 participants
@simar7 @nikpivkin