📖document OpenSSF Scorecard and Trivy image scanning workflows #572
Conversation
Signed-off-by: mrhapile <allinonegaming3456@gmail.com>
kubestellar-prow
bot
added
the
dco-signoff: yes
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
github-actions
bot
added
the
documentation
kubestellar-prow
bot
added
needs-ok-to-test
|
Hi @mrhapile. Thanks for your PR. I'm waiting for a kubestellar member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
✅ Deploy Preview for kubestellar-docs ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify project configuration. |
mrhapile
changed the title
There was a problem hiding this comment.
Pull request overview
This pull request adds documentation for the OpenSSF Scorecard and Trivy image scanning security workflows that were introduced in the main KubeStellar repository (PR #3605). The documentation explains how these automated security scanning tools are integrated into the CI pipeline.
Changes:
- Added a new "CI security scanning" section to the testing documentation
- Documented OpenSSF Scorecard workflow for evaluating security best practices
- Documented Trivy image scanning workflow for detecting vulnerabilities in container images
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| When enabled, this workflow typically runs on a schedule and/or on | ||
| changes to the main branch. The results are published to the GitHub | ||
| **Security** tab. |
There was a problem hiding this comment.
The phrase "When enabled" is ambiguous and may confuse readers about whether the OpenSSF Scorecard workflow is currently active in the KubeStellar project. Consider rephrasing to clearly indicate the workflow's current status, such as "This workflow runs on a schedule and/or on changes to the main branch" if it's currently active, or explicitly stating "If enabled in the future" if it's not yet active.
| When enabled, this workflow typically runs on a schedule and/or on | |
| changes to the main branch. The results are published to the GitHub | |
| **Security** tab. | |
| This workflow runs on a schedule and/or on changes to the main branch. | |
| The results are published to the GitHub **Security** tab. |
|
/ok-to-test |
kubestellar-prow
bot
added
ok-to-test
|
/retest |
1 similar comment
|
/retest |
|
The Please rebase your branch on main or merge main into your branch to pick up the workflow changes: git fetch origin main
git rebase origin/main
git push --force-with-leaseThis will stop the failing workflows from running. |
clubanderson
added
the
kind/documentation
CI Failure: npm lockfile out of syncThe build is failing because FixPlease run the following to update your lockfile: npm install
git add package-lock.json
git commit -s -m "🐛 Update package-lock.json to sync with package.json"
git pushThis will regenerate the lockfile with the correct dependency versions. |
📖 Preview LinksThe following documentation pages were changed in this PR:
|
2 participants
Fixes #568
Documents the OpenSSF Scorecard and Trivy image scanning workflows
introduced in kubestellar#3605.
This change is documentation-only and does not affect runtime behavior.