-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] Periodic maintenance of existing releases artifacts #1358
Comments
@SaschaSchwarze0 please complement the above if needed. |
Thanks @qu1queee, I think that we should aim to have this for our latest release. Implementation-wise, my proposal would be a GitHub action that ...
Sounds like a cool exercise. |
From refinement, we are looking for more ideas on this. |
@adambkaplan I think that's what you're covering anyway through SHIP-0038. |
SHIP-0038 covers the process for backporting bug fixes and security patches. It doesn't cover active scanning. |
Is there an existing feature request for this?
Is your feature request related to a problem or use-case? Please describe.
To a use case. We should ensure that existing releases of Shipwright/Build are not subject to vulnerabilities. More specifically, the container images they produce. In order to ensure this, we need a regular update of existing releases images and manifests.
Describe the solution that you would like.
There is an automation that regularly validates existing Shipwright/Build releases images, and up-date them if needed.
Describe alternatives you have considered.
None
Anything else?
No
The text was updated successfully, but these errors were encountered: