Skip to content

CCM-15551: Removing Trivi#51

Merged
m-houston merged 1 commit intomainfrom
CCM-15551-remove-trivy
Mar 24, 2026
Merged

CCM-15551: Removing Trivi#51
m-houston merged 1 commit intomainfrom
CCM-15551-remove-trivy

Conversation

@m-houston
Copy link
Contributor

@m-houston m-houston commented Mar 23, 2026

Description

Context

Type of changes

  • Refactoring (non-breaking change)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would change existing functionality)
  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • I am familiar with the contributing guidelines
  • I have followed the code style of the project
  • I have added tests to cover my changes
  • I have updated the documentation accordingly
  • This PR is a result of pair or mob programming

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

  • I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

Copilot AI review requested due to automatic review settings March 23, 2026 19:52
@m-houston m-houston requested review from a team as code owners March 23, 2026 19:52
Copilot AI reviewed Mar 23, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes/disabled Trivy (and previously tfsec-based) Terraform IaC security scanning from local make targets and the “Commit stage” GitHub Actions workflow, with TODOs to revisit tooling later.

Changes:

  • Removed the terraform-sec make target implementation (previously running tfsec) and replaced it with commented TODOs.
  • Commented out the trivy entry in .tool-versions.
  • Deleted the Trivy scan job from .github/workflows/stage-1-commit.yaml.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
scripts/terraform/terraform.mk Removes the terraform-sec quality target implementation and leaves TODO/commented guidance.
.tool-versions Comments out the Trivy tool pin and adds a TODO to revisit usage.
.github/workflows/stage-1-commit.yaml Removes the Trivy scanning job from the commit-stage workflow.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

nhsd-david-wass
nhsd-david-wass approved these changes Mar 24, 2026
View reviewed changes
Copy link

@nhsd-david-wass nhsd-david-wass left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@m-houston m-houston merged commit 47df0a8 into main Mar 24, 2026
56 checks passed
@m-houston m-houston deleted the CCM-15551-remove-trivy branch March 24, 2026 13:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@aidenvaines-cgi aidenvaines-cgi aidenvaines-cgi approved these changes

@nhsd-david-wass nhsd-david-wass nhsd-david-wass approved these changes

@sidnhs sidnhs sidnhs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@m-houston @aidenvaines-cgi @nhsd-david-wass @sidnhs