Skip to content

extra scan added

extra scan added #50

Workflow file for this run

on:
push:
branches:
- main
env:
current_branch: ${{ github.ref }}
job_id: ${{ github.run_number }}
sha: ${{ github.sha }}
jobs:
build:
name: Build Image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: git-checkout
run: |
echo "git-checkout done"
- name: create a custom tag
run: echo "IMG_TAG=$(echo $GITHUB_SHA | cut -c 1-6)"-$job_id >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push
uses: docker/build-push-action@v5
with:
push: false
tags: welcome-app:${{ env.IMG_TAG }}, welcome-app:latest
load: true
# Image Scan
# - name: KSOC Image Scan
# uses: ksoclabs/image-scan-action@v0.0.4
# with:
# fail_on_severity: medium
# ignore_cves: |
# CVE-2021-1234
# CVE-2021-5678
# image: welcome-app:${{ env.IMG_TAG }}
- name: Scan for vulnerabilities
uses: crazy-max/ghaction-container-scan@v3
with:
image: welcome-app:${{ env.IMG_TAG }}
severity_threshold: HIGH