chore(ci): Remove trivy - Manifests by sameerdattav · Pull Request #3424 · kubeflow/community-distribution

sameerdattav · 2026-03-25T21:22:13Z

Removing trivy action - as instructed by @andreyvelich following kubeflow/katib#2644

Signed-off-by: Surya Sameer Datta Vaddadi <f20220373@goa.bits-pilani.ac.in>

github-actions · 2026-03-25T21:22:25Z

Welcome to the Kubeflow Manifests Repository

Thanks for opening your first PR. Your contribution means a lot to the Kubeflow community.

Before making more PRs:
Please ensure your PR follows our Contributing Guide.
Please also be aware that many components are synchronizes from upstream via the scripts in /scripts.
So in some cases you have to fix the problem in the upstream repositories first, but you can use a PR against kubeflow/manifests to test the platform integration.

Community Resources:

CNCF Slack channels: https://www.kubeflow.org/docs/about/community/#kubeflow-slack-channels
Community meetings: https://www.kubeflow.org/docs/about/community/

Thanks again for helping to improve Kubeflow.

Copilot

Pull request overview

This PR removes the GitHub Actions workflow that performed image extraction and Trivy-based vulnerability scanning for the kubeflow/manifests repository, aligning with the referenced instruction to drop this action.

Changes:

Deleted .github/workflows/trivy.yaml, removing the CI job that installed kustomize/trivy/python and ran tests/trivy_scan.py.
Eliminated artifact upload of trivy_scanned_results from CI.

juliusvonkohout · 2026-03-26T09:41:31Z

Hello, this action is self-written. Why do you want to remove it ? Is the binary affected ?

juliusvonkohout · 2026-03-26T09:41:59Z

/hold

andreyvelich · 2026-03-26T13:36:44Z

Hello, this action is self-written. Why do you want to remove it ? Is the binary affected ?

@juliusvonkohout Please check the Slack security thread.

Signed-off-by: Surya Sameer Datta Vaddadi <f20220373@goa.bits-pilani.ac.in>

juliusvonkohout · 2026-03-27T08:21:59Z

/lgtm
/approve

juliusvonkohout · 2026-03-27T08:37:47Z

/unhold

juliusvonkohout · 2026-03-27T08:39:05Z

/hold
Again. With 0.69.3 considered safe and immutable releases

juliusvonkohout · 2026-03-27T08:41:55Z

Ok but as discussed with the cncf supply chain guy
/lgtm
/approve
/unhold

google-oss-prow · 2026-03-27T08:42:01Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: juliusvonkohout

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [juliusvonkohout]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Remove trivy - Manifests

e867b50

Signed-off-by: Surya Sameer Datta Vaddadi <f20220373@goa.bits-pilani.ac.in>

Copilot AI review requested due to automatic review settings March 25, 2026 21:22

google-oss-prow Bot requested review from kimwnasptd and tarekabouzeid March 25, 2026 21:22

google-oss-prow Bot added the size/M label Mar 25, 2026

Copilot started reviewing on behalf of sameerdattav March 25, 2026 21:22 View session

Copilot AI reviewed Mar 25, 2026

View reviewed changes

google-oss-prow Bot added the do-not-merge/hold label Mar 26, 2026

juliusvonkohout reviewed Mar 26, 2026

View reviewed changes

Comment thread .github/workflows/trivy.yaml

Restored the trivy workflow and commented instead

7a6dd2e

Signed-off-by: Surya Sameer Datta Vaddadi <f20220373@goa.bits-pilani.ac.in>

google-oss-prow Bot added size/S and removed size/M labels Mar 26, 2026

google-oss-prow Bot assigned juliusvonkohout Mar 27, 2026

google-oss-prow Bot added lgtm approved labels Mar 27, 2026

google-oss-prow Bot removed the do-not-merge/hold label Mar 27, 2026

google-oss-prow Bot added the do-not-merge/hold label Mar 27, 2026

juliusvonkohout removed lgtm approved labels Mar 27, 2026

google-oss-prow Bot added lgtm and removed do-not-merge/hold labels Mar 27, 2026

google-oss-prow Bot added the approved label Mar 27, 2026

google-oss-prow Bot merged commit 46f3142 into kubeflow:master Mar 27, 2026
7 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(ci): Remove trivy - Manifests#3424

chore(ci): Remove trivy - Manifests#3424
google-oss-prow[bot] merged 2 commits into
kubeflow:masterfrom
sameerdattav:remove-trivy

sameerdattav commented Mar 25, 2026

Uh oh!

github-actions Bot commented Mar 25, 2026

Uh oh!

Copilot AI left a comment

Uh oh!

juliusvonkohout commented Mar 26, 2026

Uh oh!

juliusvonkohout commented Mar 26, 2026

Uh oh!

andreyvelich commented Mar 26, 2026

Uh oh!

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

juliusvonkohout commented Mar 27, 2026 •

edited

Loading

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

google-oss-prow Bot commented Mar 27, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

sameerdattav commented Mar 25, 2026

Uh oh!

github-actions Bot commented Mar 25, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

juliusvonkohout commented Mar 26, 2026

Uh oh!

juliusvonkohout commented Mar 26, 2026

Uh oh!

andreyvelich commented Mar 26, 2026

Uh oh!

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

juliusvonkohout commented Mar 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

juliusvonkohout commented Mar 27, 2026

Uh oh!

google-oss-prow Bot commented Mar 27, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

juliusvonkohout commented Mar 27, 2026 •

edited

Loading