diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 7a0f828..e7d87f3 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -45,14 +45,29 @@ jobs:
 - name: Build Docker Image
 run: docker build -f Dockerfile -t myapp:latest .
- - name: Docker Scout Scan
- run: |
- curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh -o install-scout.sh
- sh install-scout.sh
- docker scout quickview
- docker scout cves
+ # - name: Docker Scout Scan
+ # run: |
+ # curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh -o install-scout.sh
+ # sh install-scout.sh
+ # echo ${{ secrets.REPO_PWD }} | docker login -u ${{ secrets.REPO_USER }} --password-stdin
+ # docker scout quickview
+ # docker scout cves
+ - name: Docker Scout Scan
+ uses: docker/scout-action@v1.0.9
+ with:
+ dockerhub-user: ${{ secrets.REPO_USER }}
+ dockerhub-password: ${{ secrets.REPO_PWD }}
+ command: quickview,cves
+ only-severities: critical,high
+ sarif-file: scout-report.sarif
+ - name: Upload Artifact
+ uses: actions/upload-artifact@v3
+ if: always()
+ with:
+ name: docker-scout-findings
+ path: scout-report.sarif
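Review bot: The new `Docker Scout Scan` step hands `secrets.REPO_USER` and `secrets.REPO_PWD` to `docker/scout-action@v1.0.9`, which is referenced by a mutable tag, so if that tag is ever moved the Docker Hub credentials go to whatever code it then points at. Pin both new actions to a full commit SHA, e.g. `uses: docker/scout-action@<full-commit-sha>  # v1.0.9` (placeholder; resolve the SHA from the release), and do the same for `actions/upload-artifact@v3`. The step also only reports: without `exit-code: true` the job stays green when critical or high CVEs are found, leaving the uploaded SARIF artifact as the only signal. The commented-out `run:` block, including the `echo ${{ secrets.REPO_PWD }} | docker login` line, is better deleted than kept, since git history already preserves it.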