Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Task]: Add Analytics to Vulnerability Scans #1596

Closed
2 tasks
acouch opened this issue Apr 2, 2024 · 3 comments · Fixed by #1603
Closed
2 tasks

[Task]: Add Analytics to Vulnerability Scans #1596

acouch opened this issue Apr 2, 2024 · 3 comments · Fixed by #1603
Labels
project: grants.gov Grants.gov Modernization tickets
Milestone
Delivery dashboar...

Comments

@acouch
Copy link
Collaborator

acouch commented Apr 2, 2024
edited
Loading

Summary

We are deploying the analytics service(#1574). While the service itself is only internally facing, we want to run the vulnerability scans on it.

This task would involve running the scans:

or this could be pulled out into separate tasks.

Acceptance criteria

  • add CI scanning to analytics folder
  • update the container image so it passes
@acouch acouch added the project: grants.gov Grants.gov Modernization tickets label Apr 2, 2024
@acouch acouch added this to the Delivery dashboard - Security milestone Apr 2, 2024
@coilysiren
Copy link
Collaborator

Already done the CI part: #1603

@coilysiren coilysiren mentioned this issue Apr 2, 2024
Merged
@coilysiren
Copy link
Collaborator

^ I'm not specifically planning on doing the "make scans pass" part right now

@coilysiren
Copy link
Collaborator

Update, I'm working on this entire ticket and almost done

coilysiren added a commit that referenced this issue Apr 9, 2024
@coilysiren @jamesbursa
[Issue 1596] Run vuln scans on analytics directory (#1603)
fbaf44a 
## Summary
Fixes #1596

### Time to review: __2 mins__

## Changes proposed

- run vulnerability scans on the analytics directory
- run `poetry update`

---------

Co-authored-by: James Bursa <james@navapbc.com>
@sumiat sumiat removed the refinement label Apr 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
project: grants.gov Grants.gov Modernization tickets
Projects
Simpler.Grants.gov Product Backlog
Status: Done
Milestone
Delivery dashboard - Security
Development

Successfully merging a pull request may close this issue.

[Issue 1596] Run vuln scans on analytics directory HHS/simpler-grants-gov
3 participants
@acouch @coilysiren @sumiat