Skip to content

ci: image collection and scanning#461

Open
davrad wants to merge 7 commits into
mainfrom
feat/add-image-check
Open

ci: image collection and scanning#461
davrad wants to merge 7 commits into
mainfrom
feat/add-image-check

Conversation

@davrad

@davrad davrad commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

📝 Summary

This PR adds image scanning and Trivy analysis to the CI.
In addition it updates the goreleaser schema to include an image section into the header, such that in each release, all the image versions of the standard kubara catalog are also listed.

🧩 Type of change

  • 🔧 CLI / Go code
  • 📦 Helm chart
  • 🧱 Terraform module
  • 📝 Documentation
  • 🧪 Test or CI change
  • ♻️ Refactor / cleanup

⚠️ Is this a breaking change?

  • Yes, this change breaks existing functionality (explain in summary)

🧪 Testing

  • CI passed
  • Manually tested (local/dev cluster)
  • Unit tested
  • Not tested (explain why below)

🔗 Related Issues / Tickets

✅ Checklist

  • Code compiles and passes all tests
  • Linting and style checks pass
  • Comments added for complex logic
  • Documentation updated (if applicable)

📎 Additional Context (optional)

@davrad davrad force-pushed the feat/add-image-check branch 2 times, most recently from 23d42ed to cd48076 Compare June 29, 2026 18:52
@tuunit tuunit changed the title Feat/add image check ci: image collection and scanning Jul 1, 2026
@github-advanced-security

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Comment thread .scripts/image-version.sh
Comment on lines +9 to +12

MANAGED="${MANAGED:-${PWD}/managed-service-catalog/helm}"
PROFILES="${PROFILES:-${SCRIPT_DIR}/../.github/helm-profiles}"
OUTPUT_FILE="${OUTPUT_FILE:-}"

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the current profiles don't activate all components. We need to render all our charts. At the moment the report is missing metrics-server, longhorn, loki, external-dns, metallb, velero

@davrad davrad marked this pull request as ready for review July 3, 2026 07:19
@davrad davrad requested a review from a team July 3, 2026 07:19
@davrad davrad force-pushed the feat/add-image-check branch from 4ef46cb to 375297f Compare July 3, 2026 07:20
@davrad

davrad commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

The Pipepiline currently runs into Caching issues.

Caching issues were addressed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants