@@ -72,42 +72,76 @@ jobs:
7272 if : ${{ steps.dep_scan.outcome != 'success' }}
7373 run : less dependency-check-report.html
7474
75- - name : Perform high image scan
75+ - name : Perform high image scan on v1
7676 if : always()
77- id : high_scan
77+ id : high_scan_v1
7878 uses : ./.github/actions/image_scan
7979 with :
8080 image-ref : " public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v1.32.6"
8181 severity : ' CRITICAL,HIGH'
8282
83- - name : Perform low image scan
83+ - name : Perform low image scan on v1
8484 if : always()
85- id : low_scan
85+ id : low_scan_v1
8686 uses : ./.github/actions/image_scan
8787 with :
8888 image-ref : " public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v1.32.6"
8989 severity : ' MEDIUM,LOW,UNKNOWN'
9090
91+ - name : Perform high image scan on v2
92+ if : always()
93+ id : high_scan_v2
94+ uses : ./.github/actions/image_scan
95+ with :
96+ image-ref : " public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.0.0"
97+ severity : ' CRITICAL,HIGH'
98+
99+ - name : Perform low image scan on v2
100+ if : always()
101+ id : low_scan_v2
102+ uses : ./.github/actions/image_scan
103+ with :
104+ image-ref : " public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.0.0"
105+ severity : ' MEDIUM,LOW,UNKNOWN'
106+
91107 - name : Configure AWS Credentials for emitting metrics
92108 if : always()
93109 uses : aws-actions/configure-aws-credentials@v4
94110 with :
95111 role-to-assume : ${{ secrets.METRICS_ROLE_ARN }}
96112 aws-region : ${{ env.AWS_DEFAULT_REGION }}
97113
98- - name : Publish high scan status
114+ - name : Publish high scan status on v1
99115 if : always()
100116 run : |
101- value="${{ steps.high_scan .outcome == 'success' && '1.0' || '0.0' }}"
117+ value="${{ steps.high_scan_v1 .outcome == 'success' && '1.0' || '0.0' }}"
102118 aws cloudwatch put-metric-data --namespace 'ADOT/GitHubActions' \
103119 --metric-name Success \
104120 --dimensions repository=${{ github.repository }},branch=${{ github.ref_name }},workflow=daily_scan_high \
105121 --value $value
106122
107- name : Publish low scan status
123+ name : Publish high scan status on v2
124+ if : always()
125+ run : |
126+ value="${{ steps.high_scan_v2.outcome == 'success' && '1.0' || '0.0' }}"
127+ aws cloudwatch put-metric-data --namespace 'ADOT/GitHubActions' \
128+ --metric-name Success \
129+ --dimensions repository=${{ github.repository }},branch=${{ github.ref_name }},workflow=daily_scan_high \
130+ --value $value
131+
132+ name : Publish low scan status on v1
133+ if : always()
134+ run : |
135+ value="${{ steps.low_scan_v1.outcome == 'success' && steps.dep_scan.outcome == 'success' && '1.0' || '0.0'}}"
136+ aws cloudwatch put-metric-data --namespace 'ADOT/GitHubActions' \
137+ --metric-name Success \
138+ --dimensions repository=${{ github.repository }},branch=${{ github.ref_name }},workflow=daily_scan_low \
139+ --value $value
140+
141+ - name : Publish low scan status on v2
108142 if : always()
109143 run : |
110- value="${{ steps.low_scan .outcome == 'success' && steps.dep_scan.outcome == 'success' && '1.0' || '0.0'}}"
144+ value="${{ steps.low_scan_v2 .outcome == 'success' && steps.dep_scan.outcome == 'success' && '1.0' || '0.0'}}"
111145 aws cloudwatch put-metric-data --namespace 'ADOT/GitHubActions' \
112146 --metric-name Success \
113147 --dimensions repository=${{ github.repository }},branch=${{ github.ref_name }},workflow=daily_scan_low \
0 commit comments