mirror of
https://github.com/wimpysworld/stream-sprout
synced 2026-03-23 02:24:39 +01:00
11aff5ce60Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
35 lines
No EOL
818 B
YAML
35 lines
No EOL
818 B
YAML
name: "Vulnerability 🐞 scan 🔍 container"
|
|
|
|
on:
|
|
schedule:
|
|
- cron: "0 10 * * 2"
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
vulnerability-scan:
|
|
name: "Build and scan"
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v6
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v4
|
|
|
|
- name: build local container
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
file: ./Containerfile
|
|
tags: localbuild/testimage:latest
|
|
push: false
|
|
load: true
|
|
|
|
- name: Scan image
|
|
uses: anchore/scan-action@v7
|
|
with:
|
|
image: "localbuild/testimage:latest"
|
|
output-format: table
|
|
|
|
- name: Inspect action report
|
|
run: cat ${{ steps.scan.outputs.table }} |