Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

24.12 Antalya Grype Workflow #664

Open
wants to merge 35 commits into
base: antalya
Choose a base branch
from
Open

24.12 Antalya Grype Workflow #664

wants to merge 35 commits into from

Conversation

strtgbb
Copy link
Collaborator

@strtgbb strtgbb commented Feb 27, 2025
edited
Loading

Changelog category (leave one):

  • CI Fix or Improvement (changelog entry is not required)

Adding a workflow for Grype scanning

Exclude tests:

  • Fast test
  • Integration Tests
  • Stateless tests
  • Stateful tests
  • Performance tests
  • All with ASAN
  • All with TSAN
  • All with MSAN
  • All with UBSAN
  • All with Coverage
  • All with Aarch64
  • All Regression
  • Disable CI Cache

@altinity-robot
Copy link
Collaborator

altinity-robot commented Feb 27, 2025
edited
Loading

This is an automated comment for commit 414a1de with description of existing statuses. It's updated for the latest CI running

❌ Click here to open a full report in a separate page

Check nameDescriptionStatus
Grype Scan altinityinfra/clickhouse-keeper:664-24.12.2.20262.altinityantalyaThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS❌ failure
Sign releaseThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS❌ error
Stress testRuns stateless functional tests concurrently from several clients to detect concurrency-related errors❌ failure
Successful checks
Check nameDescriptionStatus
BuildsThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS✅ success
Compatibility checkChecks that clickhouse binary runs on distributions with old libc versions. If it fails, ask a maintainer for help✅ success
Docker keeper imageThe check to build and optionally push the mentioned image to docker hub✅ success
Docker server imageThe check to build and optionally push the mentioned image to docker hub✅ success
Grype Scan altinityinfra/clickhouse-server:664-24.12.2.20262.altinityantalya-alpineThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS✅ success
Grype Scan altinityinfra/clickhouse-server:664-24.12.2.20262.altinityantalyaThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS✅ success
Install packagesChecks that the built packages are installable in a clear environment✅ success
Ready for releaseThere's no description for the check yet, please add it to tests/ci/ci_config.py:CHECK_DESCRIPTIONS✅ success
Stateful testsRuns stateful functional tests for ClickHouse binaries built in various configurations -- release, debug, with sanitizers, etc✅ success

@strtgbb strtgbb marked this pull request as ready for review February 27, 2025 23:09
@strtgbb strtgbb force-pushed the 24.12_grype_workflow branch from 69dd3af to a3ac905 Compare March 11, 2025 02:42
@strtgbb strtgbb force-pushed the 24.12_grype_workflow branch from ef2fffd to 1d25532 Compare March 27, 2025 16:33
@strtgbb
Copy link
Collaborator Author

strtgbb commented Mar 31, 2025

Currently, the state of the Grype job in ci_running will always be success. Do we want to have it fail if high/severe issues are found?

@strtgbb strtgbb requested review from Enmk and MyroTk March 31, 2025 13:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MyroTk MyroTk MyroTk approved these changes

@Enmk Enmk Awaiting requested review from Enmk

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@strtgbb @altinity-robot @Enmk @MyroTk