Skip to content

added container scanning to attribute-service repo #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 20, 2022
Merged

added container scanning to attribute-service repo #132

merged 1 commit into from
Jul 20, 2022

Conversation

@senanjude0
Copy link
Contributor

@senanjude0 senanjude0 commented Jul 20, 2022

Description

Please include a summary of the change, motivation and context.

added container scanning to attribute-service repo

Testing

Please describe the tests that you ran to verify your changes. Please summarize what did you test and what needs to be tested e.g. deployed and tested helm chart locally.

Checklist:

  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • Any dependent changes have been merged and published in downstream modules

Documentation

Make sure that you have documented corresponding changes in this repository or hypertrace docs repo if required.

@senanjude0 senanjude0 requested a review from a team as a code owner July 20, 2022 04:59
@senanjude0 senanjude0 requested review from a team and ravisingal July 20, 2022 04:59
@github-actions

This comment has been minimized.

Sign in to view
@codecov
Copy link

codecov bot commented Jul 20, 2022

Codecov Report

Merging #132 (c497b4e) into main (328273f) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #132   +/-   ##
=========================================
  Coverage     81.47%   81.47%           
  Complexity      230      230           
=========================================
  Files            28       28           
  Lines           772      772           
  Branches         60       60           
=========================================
  Hits            629      629           
  Misses           93       93           
  Partials         50       50
Flag Coverage Δ
integration 81.47% <ø> (ø)
unit 68.26% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

aaron-steinfeld
aaron-steinfeld reviewed Jul 20, 2022
View reviewed changes
.github/workflows/pr-build.yml
id: tag
run: echo ::set-output name=tag::$(./gradlew -q printDockerImageDefaultTag | head -1)

- name: Scan docker image
Copy link
Contributor

@aaron-steinfeld aaron-steinfeld Jul 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this into the test job (or give it its own?)

Copy link
Contributor

@ravisingal ravisingal Jul 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is scanning the container image created just before this step. if we move it to another job then we will have to build docker image again.

Copy link
Contributor

@aaron-steinfeld aaron-steinfeld Jul 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess the tradeoff here is we've already built the image vs the test job is the more appropriate place to run this... test. Given that we want to login in order to build the job though, we'd need a new job anyway so I suppose it's moot. Carry on.

Copy link
Contributor

@aaron-steinfeld aaron-steinfeld Jul 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The repetition is less concerning to me - we do 90% of that in the test job to run integration tests, for example. The problem is the secret management - whatever job builds the image needs to be in this workflow (specifically, triggered by pull_request_target rather than pull_request which is what test uses), so we'd need a brand new job if we wanted to separate it which isn't worth it.

@senanjude0 senanjude0 merged commit 705c5b4 into main Jul 20, 2022
@senanjude0 senanjude0 deleted the container-scan branch July 20, 2022 14:51
@github-actions
Copy link
Contributor

github-actions bot commented Jul 20, 2022

Unit Test Results

21 files  ±0  21 suites  ±0   9s ⏱️ ±0s
79 tests ±0  79 ✔️ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 705c5b4. ± Comparison against base commit 328273f.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aaron-steinfeld aaron-steinfeld aaron-steinfeld approved these changes

@ravisingal ravisingal ravisingal approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@senanjude0 @aaron-steinfeld @ravisingal