pipe added and retrive original commands #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Image CI | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Build the Docker image | |
| run: docker build . --file Dockerfile --tag buildimage:${{github.run_number}} | |
| - name: Run the Docker image | |
| run: | | |
| docker run --rm --name web -p 8080:8080 -d "buildimage:${{github.run_number}}" | |
| sleep 1 && curl http://localhost:8080 | |
| docker stop web | |
| - name: "Twistlock Vuln/Compliance check" | |
| env: | |
| pc_user: ${{ secrets.PC_USER }} | |
| pc_pass: ${{ secrets.PC_PASS }} | |
| pc_url: ${{ secrets.PC_URL }} | |
| run: | | |
| curl -k -u "${pc_user}:${pc_pass}" --output twistcli "${pc_url}/api/v1/util/twistcli" | |
| chmod a+x twistcli | |
| sudo ./twistcli images scan --address "${pc_url}" -u "${pc_user}" -p "${pc_pass}" "buildimage:${{github.run_number}}" --details | |
| # - name: "Triage vulnerabilities" | |
| # run: | | |
| # ./getPrismaData.sh | |
| # ./triage.sh |