build image container and scan with grype

krixapolinario · krixapolinario · commit e66e18081564 · 2024-11-06T11:30:35.000-03:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -9,7 +9,7 @@ on:
       - main
 
 jobs:   
-  Anchore:
+  Grype:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source code
@@ -20,11 +20,31 @@ jobs:
         with:
           path: "."
           # fail-build: false
-          # output-format: table
-      - name: upload Anchore scan SARIF report
-        uses: github/codeql-action/upload-sarif@v3
+          output-format: table
+      # - name: upload Anchore scan SARIF report
+      #   uses: github/codeql-action/upload-sarif@v3
+      #   with:
+      #     sarif_file: ${{ steps.scan.outputs.sarif }}
+
+  Grype-Image:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+      - name: Build the Container image
+        run: |
+          pwd
+          ls -la
+          docker build . --file Dockerfile --tag localbuild/todo-app:v1
+      - uses: anchore/scan-action@v3
+        id: scan
         with:
-          sarif_file: ${{ steps.scan.outputs.sarif }}
+          image: "localbuild/todo-app:v1"
+          output-format: table
+      # - name: upload Anchore scan SARIF report
+      #   uses: github/codeql-action/upload-sarif@v3
+      #   with:
+      #     sarif_file: ${{ steps.scan.outputs.sarif }}
   
   Bearer:
     runs-on: ubuntu-latest
