Spike: How to deduplicate a finding that is already in default branch
Topic to Evaluate
Time-box: 3 days
Tasks to evaluate
- How do we deduplicate a container scanning finding in a branch pipeline which is already present in the default branch?
- Determine if the deduplication logic has impacts on findings of other security analyzers
- Determine if the image naming convention impacts the deduplication and how to mitigate that? -> This will be mentioned in docs that the value set in the CS_BASE_IMAGE variable should follow a convention without which the feature will not work.
Risks and Implementation Considerations
- It's desirable not to add any frontend dependencies, at least as a part of the initial iteration ✅
Edited by Sashi Kumar Kumaresan