Backport of ci(security-scanner): add support for Red Hat UBI images …

…and fix typo into release/1.20.x (#21913) * backport of commit 8237ce0 * backport of commit f7dc68f * backport of commit 5610471 --------- Co-authored-by: dduzgun-security <[email protected]> Co-authored-by: Deniz Onur Duzgun <[email protected]>
hashicorp · Nov 4, 2024 · ac57f56 · ac57f56
1 parent bc70c83
commit ac57f56
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -14,7 +14,7 @@
 
 container {
 	dependencies = true
-	alpine_secdb = true
+	osv          = true
 
 	secrets {
 		matchers {
@@ -36,8 +36,7 @@ container {
 	# periodically cleaned up to remove items that are no longer found by the scanner.
 	triage {
 		suppress {
-			# N.b. `vulnerabilites` is the correct spelling for this tool.
-			vulnerabilites = [
+			vulnerabilities = [
 				"CVE-2024-8096", # [email protected],
 				"CVE-2024-9143", # [email protected],
 			]
@@ -79,8 +78,7 @@ binary {
 	# periodically cleaned up to remove items that are no longer found by the scanner.
 	triage {
 		suppress {
-			# N.b. `vulnerabilites` is the correct spelling for this tool.
-			vulnerabilites = [
+			vulnerabilities = [
 			]
 			paths = [
 				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",

diff --git a/scan.hcl b/scan.hcl
@@ -28,8 +28,7 @@ repository {
   # periodically cleaned up to remove items that are no longer found by the scanner.
   triage {
     suppress {
-      # N.b. `vulnerabilites` is the correct spelling for this tool.
-      vulnerabilites = [
+      vulnerabilities = [
       ]
       paths = [
         "internal/tools/proto-gen-rpc-glue/e2e/consul/*",