US048 As a DevOps engineer, I want the scanning tool to be integrated into our CI/CD pipeline, So that I can catch potential vulnerabilities early in the development process before they get deployed to production
Description:
As a DevOps engineer, there is a need to integrate the scanning tool into the CI/CD pipeline. This allows for early detection of potential vulnerabilities during the development process, ensuring that security issues are addressed before deployment to production.
Linked Requirements & Use Cases?
- Link to requirements
- Link to Use Case
- [Link to other material]
Current Definition of Done
-
Implemented -
Pair Reviewed -
Tested -
Documents updated -
? other
Acceptance Criterias
-
A vulnerability scanning tool is integrated into the CI/CD pipeline and automatically scans container images during build and deployment stages. (#249) -
The scanning tool sends real-time alerts to the system administrator’s dashboard when vulnerabilities are detected, and logs are accessible for auditing. (#249)
Edited by AH0981