Done
Details
Assignee
Tahir AbbasiTahir AbbasiReporter
Tahir AbbasiTahir AbbasiHB Grooming Date
Oct 04, 2024HB Backlog Status
Refined BacklogSprint
NonePriority
High
Details
Details
Assignee
Tahir Abbasi
Tahir AbbasiReporter
Tahir Abbasi
Tahir AbbasiHB Grooming Date
Oct 04, 2024
HB Backlog Status
Refined Backlog
Sprint
None
Priority
High
PagerDuty
PagerDuty
PagerDuty
Created October 2, 2024 at 11:33 AM
Updated March 10, 2025 at 1:20 PM
Resolved March 6, 2025 at 11:35 AM
Implement a method to distinguish findings from the Trivy scan between OS, dependencies and OpenNMS installation.This may involve
OS vulnerabilities (Vulnerabilities in the operating system packages),
Vulnerabilities in libraries or frameworks for ONMS application uses.
Specific vulnerabilities related to OpenNMS.
Implement a scheduled job in the CircleCI pipeline that runs the Trivy vulnerability scan as part of the coverage pipeline once a week.