Add Copa to patch all docker image vulnerabilities reported by Trivy #627

@SaptarshiSarkar12

Description

Trivy has detected many vulnerabilities for the drifty-cli and drifty-gui docker images, along with fixed versions for some. So, automated fixing of those and any future vulnerabilities must be implemented. Copacetic has proven to be the right tool for auto-fixing those vulnerabilities. They have also created a GitHub Action to automate the fix.

Additional information

For now, copa fails to patch some vulnerabilities (might be false positives; not confirmed yet). Here are some links to issues regarding the same:

Those CVEs have FIPS packages as their fixed versions, which might be a clue to the cause of copa's failure.

Do you want to work on this issue?

Yes
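
One way to check the FIPS clue against a Trivy JSON report before handing it to copa, as an added example that is not part of the original issue or the Drifty project's code. It assumes copa can only act on OS-package findings that carry a fixed version, and it treats a "fips" substring in `FixedVersion` as the marker for the failing case; the report contents are constructed placeholders.

```python
import json

# Constructed sample in the shape of `trivy image --format json` output;
# package names, versions and CVE ids are placeholders, not from the issue.
SAMPLE_REPORT = json.dumps({
    "Results": [
        {"Target": "example-image (ubuntu 22.04)", "Class": "os-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample1",
             "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libcrypto-example",
             "InstalledVersion": "3.0.2-0ubuntu1.10",
             "FixedVersion": "3.0.2-0ubuntu1.10+Fips1"},
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libexample2",
             "InstalledVersion": "2.4-1", "FixedVersion": ""},
        ]},
        {"Target": "app.jar", "Class": "lang-pkgs", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0004", "PkgName": "org.example:lib",
             "InstalledVersion": "5.0", "FixedVersion": "5.1"},
        ]},
        {"Target": "clean-layer", "Class": "os-pkgs"},  # no findings: key absent
    ]
})

def triage(report_json):
    """Bucket each finding by whether an OS-package patcher could act on it."""
    buckets = {"patchable": [], "fips_only_fix": [], "no_fix": [], "not_os_pkg": []}
    for result in json.loads(report_json).get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            fixed = (vuln.get("FixedVersion") or "").strip()
            entry = (vuln["VulnerabilityID"], vuln["PkgName"], fixed)
            if result.get("Class") != "os-pkgs":
                buckets["not_os_pkg"].append(entry)
            elif not fixed:
                buckets["no_fix"].append(entry)
            # FixedVersion may list several versions separated by ", ";
            # assumption: a fix is FIPS-only when every listed version says so.
            elif all("fips" in v.lower() for v in fixed.split(",")):
                buckets["fips_only_fix"].append(entry)
            else:
                buckets["patchable"].append(entry)
    return buckets

if __name__ == "__main__":
    for name, entries in triage(SAMPLE_REPORT).items():
        print(f"{name}: {len(entries)}")
        for cve, pkg, fixed in entries:
            print(f"  {cve}  {pkg}  fixed={fixed or '-'}")
```

Findings in the `fips_only_fix` bucket are the ones to compare against the copa failures; if they match, those CVEs can be tracked separately instead of failing the patch job.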

Metadata

Labels

CI/CD 🔁: Pull Requests which update GitHub Actions code

docker 🐋: Issues/Pull Requests regarding docker

feature ✨: New feature request or addition

Projects

Status

Done

Milestone

Relationships

None yet

Development

No branches or pull requests
