Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Task]: Fix vulnerability checks #435

Closed
daphnegold opened this issue Aug 29, 2023 · 0 comments · Fixed by #452
Closed

[Task]: Fix vulnerability checks #435

daphnegold opened this issue Aug 29, 2023 · 0 comments · Fixed by #452
Assignees
@daphnegold
Labels
project: grants.gov Grants.gov Modernization tickets
Milestone
Infrastructure-as...

Comments

@daphnegold
Copy link
Contributor

daphnegold commented Aug 29, 2023
edited
Loading

Summary

CI vulnerability checks are extremely slow because each scan is building a new docker image, leading to 6+ minutes to run scans. Sharing a docker image between jobs would alleviate this and only need one build.

Options to investigate:

  • actions/cache (very fast)
  • artifact upload and download (slow)
  • ECR push and pull (slow)

Consider migrating back to Platform

Acceptance criteria

  • Update vulnerability checks to share docker image, hopefully quickly
@daphnegold daphnegold added docs: adr Architecture decision record ticket project: grants.gov Grants.gov Modernization tickets labels Aug 29, 2023
@daphnegold daphnegold added this to the Infrastructure-as-Code milestone Aug 29, 2023
@daphnegold daphnegold moved this from Refinement to Ready in Simpler.Grants.gov Product Backlog Aug 30, 2023
@daphnegold daphnegold self-assigned this Aug 30, 2023
@daphnegold daphnegold moved this from Ready to In Progress in Simpler.Grants.gov Product Backlog Aug 30, 2023
@daphnegold daphnegold removed the docs: adr Architecture decision record ticket label Aug 30, 2023
@daphnegold daphnegold mentioned this issue Aug 31, 2023
Merged
@daphnegold daphnegold changed the title [Task]: Github Actions CI/CD flow [Task]: Fix vulnerability checks Sep 1, 2023
@daphnegold daphnegold moved this from In Progress to In Review in Simpler.Grants.gov Product Backlog Sep 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@daphnegold daphnegold

Labels
project: grants.gov Grants.gov Modernization tickets
Projects
Simpler.Grants.gov Product Backlog
Archived in project
Milestone
Infrastructure-as-Code
Development

Successfully merging a pull request may close this issue.

[ISSUE 435] Fix vulnerability checks HHS/simpler-grants-gov
1 participant
@daphnegold