[BUILD-728] Extract CVE scans to their own pipeline Created: 25/Mar/22  Updated: 30/Mar/22  Resolved: 30/Mar/22

Status: Closed
Project: Build
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Neutral
Reporter: Maxime Michel Assignee: Maxime Michel
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
relation
is related to BUILD-723 Move cloud validation from pipeline-t... Closed
is related to BUILD-624 Run CVE scans on dx-core & addon-packs Closed
Template:
Acceptance criteria:
Empty

 Description   

Affected projects:

  • dx-core, scanProjects: 'magnolia-dx-core-webapp'
  • ee, scanProjects: 'magnolia-enterprise-pro-webapp'
  • addon-tests, scanProjects: 'magnolia-addon-tests/magnolia-addon-test-author-webapp'
  • addon-packs, scanProjects: 'magnolia-addon-webapp'
  • blossom, scanProjects: 'magnolia-blossom-sample-webapp'
  • tomcat-barebone, scanProjects: 'all'

TODOs:

  • create new pipeline that runs CVE scans overnight with the above repositories & parameters
  • remove CVE scans from pipeline-templates
  • remove scanProjects param from individual pipelines

Generated at Sun Feb 11 23:44:36 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.