[ENTSEC-0] Adding Wiz Scanning to Repo #400

Open: jokersplc wants to merge 7 commits into master from ENTSEC-0

@jokersplc

What Changed:

  • Added Wiz Image Scanning to Repo Workflow

Why the Change?

  • Increased visibility for vulnerability management of customer-facing downloadable resources
  • Customer reported several CVEs asking if affected - No current visibility within Wiz
  • Helps to reduce Security Footprint of downloadable resources
  • Helps to increase Customer Confidence

@jokersplc jokersplc requested a review from a team as a code owner June 12, 2026 16:07
@jokersplc jokersplc requested review from a team and nbuckwalt and removed request for a team June 12, 2026 16:09
@nbuckwalt nbuckwalt requested a review from Copilot June 12, 2026 18:27

Copilot AI left a comment

Pull request overview

Adds a dedicated GitHub Actions workflow to build the repository’s Docker image and run Wiz CLI container-image scanning, with the intent of improving visibility into vulnerabilities in downloadable/customer-facing artifacts.

Changes:

  • Introduces a new wiz-scan GitHub Actions workflow triggered on push and pull_request to master.
  • Builds a local Docker image on the runner and scans it via Wiz CLI, uploading the scan output as a workflow artifact.

Comment thread .github/workflows/wiz-scan.yml
Comment thread .github/workflows/wiz-scan.yml Outdated
Comment thread .github/workflows/wiz-scan.yml Outdated
Comment thread .github/workflows/wiz-scan.yml
Comment thread .github/workflows/wiz-scan.yml
jokersplc and others added 5 commits June 12, 2026 13:45
This change makes sense

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This change makes sense

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
With the Scan results being uploaded to Wiz upon completion, having a retention period in GitHub makes sense.

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
The recommendation makes sense from a Forked PR aspect since the secrets would not be available.

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
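
A workflow of the shape discussed in this thread (build the image, scan it with Wiz CLI, upload the output with a retention period, skip forked PRs where secrets are unavailable), as an added example that is not the `wiz-scan.yml` from this pull request. The secret names, image tag, artifact name, 7-day retention, and the Wiz CLI download URL and command lines are assumptions.

```yaml
# Added example; not the workflow file from this pull request.
name: wiz-scan
on:
  push:
    branches: [master]
  pull_request:
    branches: [master]

permissions:
  contents: read            # least privilege for the GITHUB_TOKEN

jobs:
  scan:
    runs-on: ubuntu-latest
    # Secrets are not passed to runs triggered from forks, so skip the job
    # there instead of failing at the Wiz authentication step.
    if: >-
      github.event_name != 'pull_request' ||
      github.event.pull_request.head.repo.full_name == github.repository
    env:
      IMAGE: local/scan-target:${{ github.sha }}   # hypothetical local tag
    steps:
      - uses: actions/checkout@v4
      - name: Build image on the runner
        run: docker build -t "$IMAGE" .
      - name: Install Wiz CLI (download URL is an assumption)
        run: |
          curl -fsSL -o wizcli https://downloads.wiz.io/wizcli/latest/wizcli-linux-amd64
          chmod +x wizcli
      - name: Scan image
        env:                                   # assumed secret names
          WIZ_CLIENT_ID: ${{ secrets.WIZ_CLIENT_ID }}
          WIZ_CLIENT_SECRET: ${{ secrets.WIZ_CLIENT_SECRET }}
        run: |
          set -o pipefail                      # keep the scanner's exit code through tee
          ./wizcli auth --id "$WIZ_CLIENT_ID" --secret "$WIZ_CLIENT_SECRET"
          ./wizcli docker scan --image "$IMAGE" | tee wiz-scan.txt
      - name: Upload scan output
        if: always()                           # keep results even when the scan fails the job
        uses: actions/upload-artifact@v4
        with:
          name: wiz-scan-results
          path: wiz-scan.txt
          retention-days: 7                    # assumed value; results also live in Wiz
          if-no-files-found: warn
```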

2 participants