Skip to content

Commit

Permalink
Refactor image scanning steps
Browse files Browse the repository at this point in the history
  • Loading branch information
@ffurrer2
ffurrer2 committed Jul 25, 2024
1 parent d9ac1ba commit 21676b4
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,13 +134,14 @@ jobs:
- name: Inspect Trivy SARIF report (distroless)
run: |
cat trivy-results-distroless.sarif
if: ${{ !cancelled() }}

- name: Upload Trivy scan results to GitHub Security tab (distroless)
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results-distroless.sarif'
category: trivy-results-distroless
if: always()
if: ${{ !cancelled() }}

- name: Run Anchore image scanner (distroless)
uses: anchore/scan-action@v3
Expand All @@ -149,14 +150,15 @@ jobs:
image: 'ghcr.io/ffurrer2/semver:latest'
fail-build: true
severity-cutoff: high
if: ${{ !cancelled() }}

- name: Inspect Anchore SARIF report (distroless)
run: |
cat ${{ steps.anchore-distroless.outputs.sarif }}
if: ${{ !cancelled() }}

- name: Upload Anchore scan results to GitHub Security tab (distroless)
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.anchore-distroless.outputs.sarif }}
category: anchore-results-distroless
if: always()
if: ${{ !cancelled() }}

0 comments on commit 21676b4

Please sign in to comment.