Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NO-JIRA: govulncheck ci #1138

Merged
merged 1 commit into from
Jan 2, 2025
Merged

NO-JIRA: govulncheck ci #1138

merged 1 commit into from
Jan 2, 2025

Conversation

Tal-or
Copy link
Collaborator

@Tal-or Tal-or commented Jan 1, 2025
edited
Loading

Add a new CI lane for checking go code vulnerabilities.

Signed-off-by: Talor Itzhak [email protected]

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 1, 2025
@openshift-ci openshift-ci bot requested review from ffromani and shajmakh January 1, 2025 15:00
@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 1, 2025
@Tal-or Tal-or force-pushed the govulncheck_ci branch 3 times, most recently from 6211acb to 8215c5f Compare January 1, 2025 17:03
@Tal-or
Copy link
Collaborator Author

Tal-or commented Jan 1, 2025

running with the vulnerability we recently fix I'm seeing:

Your code is affected by 0 vulnerabilities.
This scan also found 1 vulnerability in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.

@Tal-or Tal-or changed the title wip: govulncheck ci NO-JIRA: govulncheck ci Jan 1, 2025
@openshift-ci-robot
Copy link

@Tal-or: This pull request explicitly references no jira issue.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 1, 2025
@openshift-ci-robot
Copy link

@Tal-or: This pull request explicitly references no jira issue.

In response to this:

Add a new CI lane for checking go code vulnerabilities.

Signed-off-by: Talor Itzhak [email protected]

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@Tal-or
Copy link
Collaborator Author

Tal-or commented Jan 1, 2025
edited
Loading

Running after the fix in #1127 I'm seeing:

No vulnerabilities found.

@Tal-or
gh-actions:govulncheck
94a2bbe 
Add a new CI lane for checking go code vulnerabilities.

Signed-off-by: Talor Itzhak <[email protected]>
swatisehgal
swatisehgal approved these changes Jan 2, 2025
View reviewed changes
Copy link
Collaborator

@swatisehgal swatisehgal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jan 2, 2025
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Jan 2, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: swatisehgal, Tal-or

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 1908a17 into openshift-kni:main Jan 2, 2025
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@swatisehgal swatisehgal swatisehgal approved these changes

@ffromani ffromani Awaiting requested review from ffromani

@shajmakh shajmakh Awaiting requested review from shajmakh

Assignees

@swatisehgal swatisehgal

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Tal-or @openshift-ci-robot @swatisehgal