Fix: Ensure SECURE_API_TOKEN is injected properly

higakikeita · higakikeita · commit 6612d2c8deb1 · 2025-07-16T16:57:32.000+09:00
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -23,8 +23,7 @@ jobs:
           docker build -t worker ./worker
           docker build -t result ./result
 
-      - 
-        name: Debug: Check if SECURE_API_TOKEN is available
+      - name: Debug
         env:
           SECURE_API_TOKEN: "${{ secrets.SECURE_API_TOKEN }}"
         run: |
@@ -35,9 +34,18 @@ jobs:
             exit 1
           else
             echo "✅ SECURE_API_TOKEN is available."
-          fi
 
       - name: Run Sysdig Scan (voting-app)
         run: |
-          docker run --rm             --platform linux/amd64             --user 0             -v "$(pwd)/scan-logs:/home/nonroot/scan-logs"             -v /var/run/docker.sock:/var/run/docker.sock             -e SECURE_API_TOKEN="${{ secrets.SECURE_API_TOKEN }}"             quay.io/sysdig/sysdig-cli-scanner:1.22.4               --apiurl "$SYS_DIG_SECURE_URL"               --loglevel debug               --skiptlsverify               docker://voting-app
+          docker run --rm \
+            --platform linux/amd64 \
+            --user 0 \
+            -v "$(pwd)/scan-logs:/home/nonroot/scan-logs" \
+            -v /var/run/docker.sock:/var/run/docker.sock \
+            -e SECURE_API_TOKEN="${{ secrets.SECURE_API_TOKEN }}" \
+            quay.io/sysdig/sysdig-cli-scanner:1.22.4 \
+              --apiurl "$SYS_DIG_SECURE_URL" \
+              --loglevel debug \
+              --skiptlsverify \
+              docker://voting-app
 
