[docker] allow docker container builds to pass when security advistory (#6662)
Right now, we test the container at the end of the build rather than before publishing so while we decouple that work, we should not fail the build step if a security advisory was found - it's too late, the containers are released so we should instead catch the advisory and that will allow our release pipeline to continue
This commit is contained in:
parent
bf1a8d3387
commit
4efec0f791
|
@ -201,6 +201,7 @@ jobs:
|
|||
name: scan container images
|
||||
runs-on: ubuntu-latest
|
||||
needs: os_sdk
|
||||
continue-on-error: true
|
||||
strategy:
|
||||
matrix:
|
||||
image: [ "base", "nodejs", "python", "go" ]
|
||||
|
|
|
@ -2,12 +2,11 @@
|
|||
# Interim container so we can copy pulumi binaries
|
||||
# Must be defined first
|
||||
ARG PULUMI_VERSION=latest
|
||||
ARG RUNTIME_VERSION=13.14.0
|
||||
ARG PULUMI_IMAGE=pulumi/pulumi-base
|
||||
FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi
|
||||
|
||||
# The runtime container
|
||||
FROM node:${RUNTIME_VERSION}-buster-slim
|
||||
FROM node:lts-buster-slim
|
||||
WORKDIR /pulumi/projects
|
||||
|
||||
# Install needed tools, like git
|
||||
|
|
|
@ -2,12 +2,11 @@
|
|||
# Interim container so we can copy pulumi binaries
|
||||
# Must be defined first
|
||||
ARG PULUMI_VERSION=latest
|
||||
ARG RUNTIME_VERSION=12.18.0
|
||||
ARG PULUMI_IMAGE=pulumi/pulumi-base
|
||||
FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi
|
||||
|
||||
# The runtime container
|
||||
FROM node:${RUNTIME_VERSION}-alpine3.12
|
||||
FROM node:lts-alpine3.12
|
||||
WORKDIR /pulumi/projects
|
||||
|
||||
# Install needed tools, like git
|
||||
|
|
Loading…
Reference in a new issue