Skip to content

ci: enable Anchore Docker image scanning in prod and staging#111

Merged
pasevin merged 1 commit into
mainfrom
ci/enable-docker-image-scanning
May 28, 2026
Merged

ci: enable Anchore Docker image scanning in prod and staging#111
pasevin merged 1 commit into
mainfrom
ci/enable-docker-image-scanning

Conversation

@pasevin
Copy link
Copy Markdown
Collaborator

@pasevin pasevin commented May 28, 2026

Summary

  • Uncomment the dedicated linux/amd64 scanning build, Anchore vulnerability scan, and SARIF upload steps in both docker-prod.yaml and docker-stg.yaml
  • Drop the stale "uncomment after making repo public and adding codeql" comments now that those prerequisites are in place

Test plan

  • Confirm the workflows run end-to-end on this branch (scan + SARIF upload succeed)
  • Verify the SARIF report shows up under the Security tab after the workflow completes

🤖 Generated with Claude Code

@pasevin @claude
ci: enable Anchore Docker image scanning in prod and staging workflows
d52fea5 
Uncomment the scanning build, Anchore scan, and SARIF upload steps now
that the repo is public and CodeQL is set up.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@pasevin pasevin merged commit 2b30c2a into main May 28, 2026
11 checks passed
@pasevin pasevin deleted the ci/enable-docker-image-scanning branch May 28, 2026 07:26
@github-actions github-actions Bot locked and limited conversation to collaborators May 28, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

cla: allowlist

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pasevin