From 9541ddb702175e4f840a95944ce10e67411b4579 Mon Sep 17 00:00:00 2001 From: Abhisek Dwivedi Date: Thu, 12 Oct 2023 00:37:30 +0530 Subject: [PATCH] Added check for fixable vulnerabilities --- .snyk | 4 ---- Jenkinsfile | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.snyk b/.snyk index c3519ffba..e6badf113 100644 --- a/.snyk +++ b/.snyk @@ -5,10 +5,6 @@ # Helm-chart related ignore rules should be added directly in the Snyk UI ignore: - SNYK-RHEL8-OPENSSLLIBS-3315644: - - '*': - reason: fix not available - expires: 2023-04-18T11:38:28.614Z SNYK-CC-K8S-1: - 'config/samples/storage/aerospike_local_volume_provisioner.yaml > *': reason: Third-party (Local Static Provisioner) manifest file diff --git a/Jenkinsfile b/Jenkinsfile index ad76eadcc..bb0f01c6e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -77,11 +77,11 @@ pipeline { sh "set +x; ./snyk-linux auth \$(cat ${env.WORKSPACE}/../../aerospike-kubernetes-operator-resources/third-party-credentials/snyk); set -x" // Scan the dependencies - sh "./snyk-linux test --severity-threshold=high" + sh "./snyk-linux test --severity-threshold=high --fail-on=all" // Scan the operator images - sh "./snyk-linux container test ${OPERATOR_CONTAINER_IMAGE_CANDIDATE_NAME} --severity-threshold=high --file=Dockerfile --policy-path=.snyk" - sh "./snyk-linux container test ${OPERATOR_BUNDLE_IMAGE_CANDIDATE_NAME} --severity-threshold=high --file=Dockerfile --policy-path=.snyk" + sh "./snyk-linux container test ${OPERATOR_CONTAINER_IMAGE_CANDIDATE_NAME} --severity-threshold=high --file=Dockerfile --policy-path=.snyk --fail-on=all" + sh "./snyk-linux container test ${OPERATOR_BUNDLE_IMAGE_CANDIDATE_NAME} --severity-threshold=high --file=Dockerfile --policy-path=.snyk --fail-on=all" } } }