DEBUG GH workflow for Vuls

Signed-off-by: tdruez <[email protected]>

Author: tdruez

.github/workflows/sca-integration-vuls.yml

@@ -17,35 +17,40 @@ jobs:
   generate-and-load-sbom:
     runs-on: ubuntu-24.04
     steps:
-      - name: Checkout repo
+      - name: Checkout repository
         uses: actions/checkout@v4
 
-      - name: Prepare Vuls image scan config.toml
+      - name: Prepare Vuls config.toml
         run: |
           mkdir -p ./vuls-config
           cat > ./vuls-config/config.toml <<'EOF'
           [servers]
-          [servers.image]
-          type="pseudo"
 
-            [servers.image.images.localpython]
-            name="${{ env.IMAGE_REFERENCE }}"
-            tag="latest"
+          [servers.cpescan]
+          type = "pseudo"
+          cpeNames = [
+              "cpe:/o:fortinet:fortios:4.3.0",
+          ]
           EOF
 
-      - name: Pull Vuls image
+      # Pull Vuls image
+      - name: Pull Vuls Docker image
         run: docker pull vuls/vuls:latest
 
-      - name: Run Vuls Image Scan
+      # Run Vuls scan
+      - name: Run Vuls scan
         run: |
           mkdir -p ./results
           docker run --rm \
             -v $PWD:/workdir \
-            vuls/vuls scan -config=/workdir/vuls-config/config.toml -results-dir=/workdir/results
+            -u $(id -u):$(id -g) \
+            vuls/vuls scan \
+            -config=/workdir/vuls-config/config.toml \
+            -results-dir=/workdir/results
 
-      - name: Upload Vuls report as GitHub Artifact
+      - name: Upload Vuls scan report
         uses: actions/upload-artifact@v4
         with:
-          name: vuls-image-scan-report
+          name: vuls-scan-report
           path: results
           retention-days: 20