Skip to content

Commit

Permalink
Merge branch 'suppress-vulns' into 'master'
Browse files Browse the repository at this point in the history 
add ENV variable to control security scans

See merge request nvidia/kubernetes/device-plugin!66
  • Loading branch information
@klueska
klueska committed Dec 14, 2020
2 parents effe0dd + cd3a346 commit 46113e2
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions .nvidia-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,9 +83,9 @@ stages:
- git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab-master.nvidia.com/sectooling/scanning/contamer.git
- cd contamer
- pip3 install -r requirements.txt
- python3 contamer.py -ls --fail-on-non-os ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-ubuntu16.04
- python3 contamer.py -ls --fail-on-non-os ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-centos7
- python3 contamer.py -ls --fail-on-non-os --suppress-vulns CVE-2020-14352 CVE-2020-15888 -- ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-ubi8
- python3 contamer.py -ls --fail-on-non-os ${CONTAMER_SUPPRESS_VULNS:+--suppress-vulns ${CONTAMER_SUPPRESS_VULNS}}-- ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-ubuntu16.04
- python3 contamer.py -ls --fail-on-non-os ${CONTAMER_SUPPRESS_VULNS:+--suppress-vulns ${CONTAMER_SUPPRESS_VULNS}}-- ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-centos7
- python3 contamer.py -ls --fail-on-non-os ${CONTAMER_SUPPRESS_VULNS:+--suppress-vulns ${CONTAMER_SUPPRESS_VULNS}} -- ${CI_PROJECT_NAME}:${CI_COMMIT_SHA}-ubi8

.release_action: &release_action
- make IMAGE="${NGC_REGISTRY_IMAGE}" VERSION="${CI_COMMIT_TAG}" all
Expand Down

0 comments on commit 46113e2

Please sign in to comment.