Adding scanning of built container

keithbsb · keithbsb · commit bb989ce28522 · 2023-08-15T05:25:20.000-07:00
diff --git a/.github/workflows/docker-release-3.0.yml b/.github/workflows/docker-release-3.0.yml
@@ -72,21 +72,4 @@ jobs:
           docker tag $DOCKER_GENERATOR_ROOT_FULL_IMAGE_NAME:${{ env.TAG }} $DOCKER_GENERATOR_FULL_IMAGE_NAME:${{ env.TAG }}-root
           docker push $DOCKER_GENERATOR_FULL_IMAGE_NAME:$${{ env.TAG }}-root
     env:
-      TAG: ${{ github.event.inputs.tag }}
-
-  scan-with-lacework:
-      name: Trigger LaceWork Scanning
-      runs-on: ubuntu-latest
-        
-      needs: [ build_push_docker_release_30 ]
-      if: success()
-  
-      steps:
-        - name: Trigger LaceWork Scanning using a different method
-          run: |
-            docker run -e LW_ACCOUNT_NAME=$LW_ACCOUNT_NAME -e LW_ACCESS_TOKEN=$LW_ACCESS_TOKEN -e LW_SCANNER_DISABLE_UPDATES=false -v /var/run/docker.sock:/var/run/docker.sock lacework/lacework-inline-scanner:latest image evaluate swaggerapi/swagger-codegen-cli latest --docker-server index.docker.io --docker-username $docker_user --docker-password $docker_password  > /dev/null 2>&1
-          env:
-            LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
-            LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
-            docker_user: ${{ secrets.DOCKERHUB_SB_USERNAME}}
-            docker_password: ${{ secrets.DOCKERHUB_SB_PASSWORD}}
+      TAG: ${{ github.event.inputs.tag }}
diff --git a/.github/workflows/maven-master.yml b/.github/workflows/maven-master.yml
@@ -57,3 +57,20 @@ jobs:
           else
             echo "not deploying release nor building and pushing release docker image: " ${MY_POM_VERSION}
           fi
+
+  scan-with-lacework:
+      name: Trigger LaceWork Scanning
+      runs-on: ubuntu-latest
+
+      needs: [ build ]
+      if: success()
+
+      steps:
+        - name: Trigger LaceWork Scanning using a different method
+          run: |
+            docker run -e LW_ACCOUNT_NAME=$LW_ACCOUNT_NAME -e LW_ACCESS_TOKEN=$LW_ACCESS_TOKEN -e LW_SCANNER_DISABLE_UPDATES=false -v /var/run/docker.sock:/var/run/docker.sock lacework/lacework-inline-scanner:latest image evaluate swaggerapi/swagger-codegen-cli latest --docker-server index.docker.io --docker-username $docker_user --docker-password $docker_password  > /dev/null 2>&1
+          env:
+            LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
+            LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
+            docker_user: ${{ secrets.DOCKERHUB_SB_USERNAME}}
+            docker_password: ${{ secrets.DOCKERHUB_SB_PASSWORD}}
