Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Container image scanning? #55

Open
Darwiner opened this issue Jul 29, 2024 · 1 comment
Open

Container image scanning? #55

Darwiner opened this issue Jul 29, 2024 · 1 comment

Comments

@Darwiner
Copy link
Contributor

Has anyone been able to get any useful output from combining trivy + reviewdog for container image scanning?

I would have hoped to keep using https://github.com/reviewdog/action-trivy for both fs scans (which works great) as much as image scans (and not have to also use https://github.com/reviewdog/action-trivy for image scans), but I'm not finding any method to get any useful output in any way.

Considering the output that trivy comes up for container image scans, which doesn't reference to any file nor location that reviewdog sees... I suppose that might be why there's nothing to reference to and the result is just nothing (even with setting filter mode to nofilter)?

At best, I could add a trivy flag to also output to a file, and have that file be included as a PR comment... But then comes the fact that the file would be in sarif format. Not very useful from a human-readable standpoint. :)

@nayuta
Copy link
Contributor

nayuta commented Aug 20, 2024

@Darwiner I think reviewdog on image scanning is not suitable for GitHub PR. As you said, in GitHub PR, we (and the reviewer) can not comment on other than changed lines. So, we can add comments without any changed lines, but they don't need to be reviewed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants