Merge pull request #141 from nirmata/go-visa-cve

go version bump visa
nirmata · Jul 24, 2024 · bfbc3ac · bfbc3ac
2 parents 4dd9ea7 + d9b7f48
commit bfbc3ac
Show file tree

Hide file tree

Showing 5 changed files with 2 additions and 33 deletions.
diff --git a/.github/workflows/image-alpine-publish.yaml b/.github/workflows/image-alpine-publish.yaml
@@ -30,14 +30,6 @@ jobs:
         uses: ./.github/actions/setup-build-env
         with:
           build-cache-key: publish-alpine-images
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # v0.9.2
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
       - name: Install Cosign
         uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
         with:

diff --git a/.github/workflows/images-build.yaml b/.github/workflows/images-build.yaml
@@ -24,11 +24,3 @@ jobs:
           build-cache-key: build-images
       - name: ko build
         run: VERSION=${{ github.ref_name }} make ko-build-all
-      - name: Trivy Scan Image
-        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # v0.9.2
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
diff --git a/.github/workflows/images-publish.yaml b/.github/workflows/images-publish.yaml
@@ -32,14 +32,7 @@ jobs:
         uses: ./.github/actions/setup-build-env
         with:
           build-cache-key: publish-images
-      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # v0.9.2
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
+
       - name: Install Cosign
         uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
         with:

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -26,14 +26,6 @@ jobs:
         uses: ./.github/actions/setup-build-env
         with:
           build-cache-key: release-images
-      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # v0.9.2
-        with:
-          scan-type: 'fs'
-          ignore-unfixed: true
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
       - name: Install Cosign
         uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
         with:

diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/kyverno/kyverno
 
-go 1.22
+go 1.22.5
 
 require (
 	github.com/IGLOU-EU/go-wildcard v1.0.3