Context
We currently do not have any mechanism in place to scan our Docker images for potential vulnerabilities once they have been built. Given that we already leverage Trivy in Nebari to scan for IaC misconfigurations, it would be worthwhile to extend its use here to scan the images after they have been built.
Value and/or benefit
This would help us identify and remediate new and existing vulnerabilities in our different images.
Anything else?
No response