From c8e64b5c1d0efd08da750ac4f572358e44fb8c8d Mon Sep 17 00:00:00 2001 From: Jamie O'Meara Date: Wed, 19 May 2021 15:22:26 -0600 Subject: [PATCH] Update maven.yml --- .github/workflows/maven.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index a693655f5..cca0692a1 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -71,4 +71,14 @@ jobs: - name: "😆 Image using Pack" run: | - pack build ghcr.io/octodemo/spring-petclinic/spring-petclinic:${{ github.sha }} --builder paketobuildpacks/builder:base --env 'BP_JVM_VERSION=8.*' --tag ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest --publish + pack build ghcr.io/octodemo/spring-petclinic/spring-petclinic:${{ github.sha }} --builder paketobuildpacks/builder:base --env 'BP_JVM_VERSION=8.*' --tag ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest --publish + + - uses: anchore/scan-action@v2 + id: scan + with: + image: "ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest" + acs-report-enable: true + - name: upload Anchore scan SARIF report + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: ${{ steps.scan.outputs.sarif }}