stream-sprout/.github/workflows/scan-container.yaml

name: "Vulnerability 🐞 scan 🔍 container"

on:
  schedule:
    - cron: "0 10 * * 2"
  workflow_dispatch:

jobs:
  vulnerability-scan:
    name: "Build and scan"
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: build local container
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Containerfile
          tags: localbuild/testimage:latest
          push: false
          load: true

      - name: Scan image
        uses: anchore/scan-action@v3
        with:
          image: "localbuild/testimage:latest"
          output-format: table

      - name: Inspect action report
        run: cat ${{ steps.scan.outputs.table }}