Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change default behavior so action fails on medium (and higher) severities #86

Merged
merged 5 commits into from Mar 5, 2021
Merged

change default behavior so action fails on medium (and higher) severities #86

merged 5 commits into from Mar 5, 2021

Conversation

alfredodeza
Copy link
Contributor

Fixes issue #83

@alfredodeza alfredodeza force-pushed the issue-83 branch 4 times, most recently from 650afb7 to 7dad812 Compare March 4, 2021 21:42
@alfredodeza alfredodeza requested a review from luhring March 5, 2021 00:18
luhring
luhring reviewed Mar 5, 2021
View reviewed changes
action.yml Outdated
@@ -15,9 +15,9 @@ inputs:
required: false
default: 'false'
fail-build:
description: 'Set to any value to cause build to fail upon failed anchore policy evaluation'
description: 'Set to false to avoid failing based on severity level. Default is to fail when severity threshold is met'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd suggest being consistent with what we call the severity threshold. Here was say "severity threshold", but it looks like elsewhere in this action's settings we say "severity-cutoff"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@luhring I went to make the change, but the thing is that severity-cutoff is the key, not a wording. So I could make everything refer to that key instead. Is that what you were thinking too?

That is: the severity threshold is the value for the severity-cutoff configuration key

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alfredodeza I think I'm missing something - perhaps a 3 min zoom session would set me straight 😄

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've updated this to use severity-cutoff instead of "severity threshold"

Alfredo Deza added 5 commits March 5, 2021 11:07
change action default description for failing
f914fdf 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
readme: update failures and severity
e092061 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
tests: set fail-build to true because of change in default behavior
a46c364 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
github: do not fail the build
3093eea 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
tests: add context to failures
099f810 
Signed-off-by: Alfredo Deza <adeza@anchore.com>
luhring
luhring approved these changes Mar 5, 2021
View reviewed changes
Copy link
Contributor

@luhring luhring left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@alfredodeza alfredodeza merged commit 19afff6 into main Mar 5, 2021
@alfredodeza alfredodeza deleted the issue-83 branch March 10, 2021 16:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@luhring luhring luhring approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@alfredodeza @luhring