Skip to content

Commit c7bcfd9

Browse files
WyriHaximusWyriHaximus
authored
Merge pull request #31 from WyriHaximus/revert-30-temporary-disable-cve-scanning
Revert "Temporary disable CVE scanning"
2 parents 5d18ffb + eba88bf commit c7bcfd9

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

.github/workflows/ci.yml

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -74,25 +74,25 @@ jobs:
7474
- uses: actions/checkout@v1
7575
- run: docker version
7676
- run: docker images
77-
# - name: Install clair-scanner
78-
# run: |
79-
# sudo curl -L https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 -o /usr/local/bin/clair-scanner
80-
# sudo chmod +x /usr/local/bin/clair-scanner
81-
# - run: docker images
82-
# - run: mkdir -p $(echo "./clair/${DOCKER_IMAGE}:${REF}" | tr '[:upper:]' '[:lower:]')
83-
# env:
84-
# REF: ${{ needs.generate-ref.outputs.ref }}
85-
# - run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci up -d
77+
- name: Install clair-scanner
78+
run: |
79+
sudo curl -L https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 -o /usr/local/bin/clair-scanner
80+
sudo chmod +x /usr/local/bin/clair-scanner
81+
- run: docker images
82+
- run: mkdir -p $(echo "./clair/${DOCKER_IMAGE}:${REF}" | tr '[:upper:]' '[:lower:]')
83+
env:
84+
REF: ${{ needs.generate-ref.outputs.ref }}
85+
- run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci up -d
8686
- run: docker build --no-cache -t "${DOCKER_IMAGE}:${REF}" . -f Dockerfile-build
8787
env:
8888
REF: ${{ needs.generate-ref.outputs.ref }}
8989
- run: docker tag "${DOCKER_IMAGE}:${REF}" "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
9090
env:
9191
REF: ${{ needs.generate-ref.outputs.ref }}
92-
# - run: echo -e "${DOCKER_IMAGE}:${REF}" | xargs -I % sh -c 'clair-scanner --ip 172.17.0.1 -r "./clair/%.json" -l ./clair/clair.log % || (echo "% is vulnerable" && exit 1)'
93-
# env:
94-
# REF: ${{ needs.generate-ref.outputs.ref }}
95-
# - run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci down
92+
- run: echo -e "${DOCKER_IMAGE}:${REF}" | xargs -I % sh -c 'clair-scanner --ip 172.17.0.1 -r "./clair/%.json" -l ./clair/clair.log % || (echo "% is vulnerable" && exit 1)'
93+
env:
94+
REF: ${{ needs.generate-ref.outputs.ref }}
95+
- run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci down
9696
- run: docker images
9797
- name: Login to Docker Hub
9898
if: contains(github.ref, 'dependabot') == false

0 commit comments

Comments
 (0)