add wiz scan to the pipeline (SWG-14342)

ewaostrowska · ewaostrowska · commit a9f3223aa5ad · 2025-07-10T14:35:27.000+02:00
diff --git a/.github/workflows/maven-master-pulls.yml b/.github/workflows/maven-master-pulls.yml
@@ -68,11 +68,21 @@ jobs:
 
         steps:
         - name: Login to Docker Hub
-          uses: docker/login-action@v2
+          uses: docker/login-action@v3
           with:
             username: ${{ secrets.DOCKERHUB_SB_USERNAME }}
             password: ${{ secrets.DOCKERHUB_SB_PASSWORD }}
 
+        - name: Checkout code
+          uses: actions/checkout@v3
+
+        - name: Set up Docker Buildx
+          uses: docker/setup-buildx-action@v3
+
+        - name: Build Docker image
+          run: |
+            docker buildx build --load -t swaggerapi/swagger-codegen-cli:latest .
+
         - name: Download Wiz CLI
           run: curl -o wizcli https://downloads.wiz.io/wizcli/latest/wizcli-linux-amd64 && chmod +x wizcli
 
@@ -82,9 +92,6 @@ jobs:
             WIZ_CLIENT_ID: ${{ secrets.WIZ_CLIENT_ID }}
             WIZ_CLIENT_SECRET: ${{ secrets.WIZ_CLIENT_SECRET }}
 
-        - name: Pull Docker image for scanning
-          run: docker pull swaggerapi/swagger-codegen-cli:latest
-
         - name: Run wiz-cli docker image scan
           run: |
             ./wizcli docker scan --image $TAG --policy "$POLICY"
