Skip to content

carbon accounting trivy scan #375

carbon accounting trivy scan

carbon accounting trivy scan #375

name: azure-container-image-scan
on:
push:
pull_request:
# Publish `main` as Docker `latest` image.
branches:
- main
# Publish `v1.2.3` tags as releases.
tags:
- v*
jobs:
build-secure-and-push:
name: Scan cactus-example-carbon-accounting image
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2.4.0
env:
# (Required) The token to use to make API calls to GitHub.
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- uses: actions/checkout@v1
- name: Login to DockerHub Registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Build Images from Dockerfile
run: DOCKER_BUILDKIT=1 docker build -f ./examples/carbon-accounting/Dockerfile . -t cactus-example-carbon-accounting
- uses: Azure/container-scan@v0.1
name: Scan image for vulnerabilities
id: container-scan
continue-on-error: true
with:
image-name: cactus-example-carbon-accounting