docs(devcontainer): add trivy and its VSCode Extension

Primary Changes 1) updated trivy verion in the .devcontainer file and included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension 2) updated trivy version in ci.yaml 3) included AquaSecurityOfficial.trivy-vulnerability-scanner vs-code extension in the .vscode/extensions.json file 4) Updated node version so Dev container builds properly Fixes #2650 Signed-off-by: ashnashahgrover <[email protected]>
hyperledger-cacti · Jun 11, 2024 · 499fef9 · 499fef9
1 parent cc2f9c5
commit 499fef9
Show file tree

Hide file tree

Showing 7 changed files with 646 additions and 164 deletions.
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -31,7 +31,7 @@
 		},
 		"ghcr.io/devcontainers/features/node:1": {
 			"nodeGypDependencies": true,
-			"version": "18.19.0"
+			"version": "20.11.1"
 		},
 		"ghcr.io/devcontainers/features/rust:1": {
 			"version": "1.74",
@@ -42,7 +42,7 @@
 			"version": "v3.20.3"
 		},
 		"ghcr.io/dhoeric/features/trivy:1.0.0": {
-			"version": "0.49.1"
+			"version": "0.52.1"
 		}
 	},
 	"customizations": {
@@ -62,7 +62,8 @@
 				"eamodio.gitlens",
 				"streetsidesoftware.code-spell-checker",
 				"github.vscode-pull-request-github",
-				"codeandstuff.package-json-upgrade"
+				"codeandstuff.package-json-upgrade", 
+				"AquaSecurityOfficial.trivy-vulnerability-scanner"
 			]
 		}
 	},	

diff --git a/.github/workflows/cacti-dev-container-vscode-publish.yaml b/.github/workflows/cacti-dev-container-vscode-publish.yaml
@@ -1,7 +1,7 @@
 name: connector-fabric-publish
 
 env:
-  NODEJS_VERSION: v20.3.0
+  NODEJS_VERSION: v20.11.1
   IMAGE_NAME: cacti-dev-container-vscode
 
 on: