Production deployment pipeline (e.g., security scanning of Docker image).
Opened this issue · 0 comments
jordanperr commented
The current CI pipeline (github actions + gcr) does not support container scanning and the images are not signed. Release notes should also be updated in GCR. This ticket is to upgrade the deployment pipeline to make it more secure and more suitable for production deployments.