File tree Expand file tree Collapse file tree 1 file changed +25
-0
lines changed Expand file tree Collapse file tree 1 file changed +25
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow checks out code, builds an image, performs a container image
2+ # vulnerability scan with Anchore's Grype tool, and integrates the results with GitHub Advanced Security
3+ # code scanning feature. For more information on the Anchore scan action usage
4+ # and parameters, see https://github.com/anchore/scan-action. For more
5+ # information on Anchore's container image scanning tool Grype, see
6+ # https://github.com/anchore/grype
7+ name : Anchore Container Scan
8+ on : push
9+ jobs :
10+ Anchore-Build-Scan :
11+ runs-on : ubuntu-latest
12+ steps :
13+ - name : Checkout the code
14+ uses : actions/checkout@v2
15+ - name : Build the Docker image
16+ run : docker build . --file Dockerfile --tag localbuild/testimage:latest
17+ - name : Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
18+ uses : anchore/scan-action@main
19+ with :
20+ image : " localbuild/testimage:latest"
21+ acs-report-enable : true
22+ - name : Upload Anchore Scan Report
23+ uses : github/codeql-action/upload-sarif@v1
24+ with :
25+ sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments