Week 4

Milestones

  • Exploring tools for Container Security
  • Testing GitHub Actions for Container Security - Snyk, Trivy, and Anchore (Grype)
  • Integrating Snyk and Anchore (Grype) container scanning with SunbirdEd-portal repo

Screenshots / Videos

Snyk container scanning action

Action run history

Scan results of all tools

Example of a vulnerability detected

Contributions

Pull Request 1

Pull Request 2

Pull Request 3

Learnings

Presentation Link

Supermentor Feedback -

  1. Deciding the phase in the pipeline at which the scanning should be performed - preferably during image building in Jenkins, before it is pushed / deployed.
  2. Providing more integrated and informational reports of the vulnerabilities involved, so that more context is visible regarding fixing them.