github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

(fix)nightly code security scan (#12017)

pull/12018/head
Yajith Dayarathna 2024-07-06 10:54:41 +12:00 committed by GitHub
parent 340830d121
commit 6e791a2cfe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/nightly-security-scan.yml vendored
View File

@ -7,6 +7,8 @@ on:
env: env:
GO_VERSION: 1.22.5 GO_VERSION: 1.22.5
DOCKER_HUB_REPO: portainerci/portainer-ce
DOCKER_HUB_IMAGE_TAG: develop
jobs: jobs:
client-dependencies: client-dependencies:
@ -112,7 +114,7 @@ jobs:
uses: docker://docker.io/aquasec/trivy:latest uses: docker://docker.io/aquasec/trivy:latest
continue-on-error: true continue-on-error: true
with: with:
args: image --ignore-unfixed=true --vuln-type="os,library" --exit-code=1 --format="json" --output="image-trivy.json" --no-progress portainerci/portainer:develop args: image --ignore-unfixed=true --vuln-type="os,library" --exit-code=1 --format="json" --output="image-trivy.json" --no-progress ${{ env.DOCKER_HUB_REPO }}:${{ env.DOCKER_HUB_IMAGE_TAG }}
- name: upload Trivy image security scan result as artifact - name: upload Trivy image security scan result as artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3
@ -141,7 +143,7 @@ jobs:
continue-on-error: true continue-on-error: true
with: with:
command: cves command: cves
image: portainerci/portainer:develop image: ${{ env.DOCKER_HUB_REPO }}:${{ env.DOCKER_HUB_IMAGE_TAG }}
sarif-file: image-docker-scout.json sarif-file: image-docker-scout.json
dockerhub-user: ${{ secrets.DOCKER_HUB_USERNAME }} dockerhub-user: ${{ secrets.DOCKER_HUB_USERNAME }}
dockerhub-password: ${{ secrets.DOCKER_HUB_PASSWORD }} dockerhub-password: ${{ secrets.DOCKER_HUB_PASSWORD }}