Merge pull request #9 from CSR2017/ADMINAPI-346-temp-2

Add cve analysis
CSR2017 · Jul 25, 2023 · a9c9b86 · a9c9b86
2 parents e7aad3a + 9f48f0e
commit a9c9b86
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/.github/workflows/on-prerelease.yml b/.github/workflows/on-prerelease.yml
@@ -330,4 +330,19 @@ jobs:
           file: Dockerfile
           tags: ${{ steps.prepare-tags.outputs.DBTAGS }}
           labels: ${{ steps.metadatabase.outputs.labels }}
-          push: true
+          push: true
+
+      - name: Analyze for critical and high CVEs
+        id: docker-scout-cves        
+        uses: docker/[email protected]
+        with:
+          command: cves
+          image: ${{ steps.metaapi.outputs.tags }}
+          sarif-file: sarif.output.json
+          summary: true
+
+      - name: Upload SARIF result
+        id: upload-sarif       
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: sarif.output.json