add wiz scan to the pipeline (SWG-14342)

ewaostrowska · ewaostrowska · commit fd52d388c31e · 2025-07-10T12:33:09.000+02:00
diff --git a/.github/workflows/maven-master-pulls.yml b/.github/workflows/maven-master-pulls.yml
@@ -68,7 +68,7 @@ jobs:
 
         steps:
         - name: Login to Docker Hub
-          uses: docker/login-action@v2
+          uses: docker/login-action@v3
           with:
             username: ${{ secrets.DOCKERHUB_SB_USERNAME }}
             password: ${{ secrets.DOCKERHUB_SB_PASSWORD }}
@@ -85,10 +85,20 @@ jobs:
         - name: Pull Docker image for scanning
           run: docker pull swaggerapi/swagger-codegen-cli:latest
 
+        - name: Checkout code
+          uses: actions/checkout@v3
+
+        - name: Set up Docker Buildx
+          uses: docker/setup-buildx-action@v3
+
+        - name: Build Docker image
+          run: |
+            docker build -t swaggerapi/swagger-codegen-cli/scan:latest .
+
         - name: Run wiz-cli docker image scan
           run: |
             ./wizcli docker scan --image $TAG --policy "$POLICY"
             ./wizcli docker tag --image $TAG
           env:
-            TAG: swaggerapi/swagger-codegen-cli:latest
+            TAG: swaggerapi/swagger-codegen-cli/scan:latest
             POLICY: "SmartBear default vulnerabilities policy"
