Update vulnerability_check.yml #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Container Scan | |
| permissions: | |
| actions: read | |
| security-events: write | |
| on: | |
| # Trigger the workflow on push or pull request, | |
| # but only for the master branch | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| branches: | |
| - master | |
| jobs: | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Build and load CKAN | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./ckan | |
| load: true | |
| push: false | |
| file: ./ckan/Dockerfile | |
| tags: ckan-docker/ckan:test-valner-scan | |
| - name: Build and load CKAN xloader | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./ckan/ckanext-xloader | |
| load: true | |
| push: false | |
| file: ./ckan/ckanext-xloader/Dockerfile | |
| tags: ckan-docker/ckan:test-valner-scan | |
| - name: Scan for vulnerabilities for CKAN image | |
| uses: crazy-max/ghaction-container-scan@v3 | |
| with: | |
| image: ckan-docker/ckan:test-valner-scan | |
| dockerfile: ./ckan/Dockerfile | |
| - name: Scan for vulnerabilities for CKAN xloader image | |
| uses: crazy-max/ghaction-container-scan@v3 | |
| with: | |
| image: ckan-docker/ckan-xloader:test-valner-scan | |
| dockerfile: ./ckan/ckanext-xloader/Dockerfile |