mirror of
https://github.com/spring-projects/spring-petclinic.git
synced 2025-07-25 00:25:50 +00:00
Update maven.yml
This commit is contained in:
parent
1556804341
commit
ccaa09762f
1 changed files with 7 additions and 4 deletions
11
.github/workflows/maven.yml
vendored
11
.github/workflows/maven.yml
vendored
|
@ -69,25 +69,28 @@ jobs:
|
|||
|
||||
- uses: andrioid/setup-pack@v1.0.1
|
||||
|
||||
- name: "😆 Image using Pack"
|
||||
- name: "😆 Build container image with CNB pack"
|
||||
run: |
|
||||
pack build ghcr.io/octodemo/spring-petclinic/spring-petclinic:${{ github.sha }} --builder paketobuildpacks/builder:base --env 'BP_JVM_VERSION=8.*' --tag ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest --publish
|
||||
|
||||
- uses: anchore/scan-action@v2
|
||||
- name: Check container image for vulnerabilities🛡
|
||||
uses: anchore/scan-action@v2
|
||||
id: scan
|
||||
with:
|
||||
image: "ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest"
|
||||
acs-report-enable: true
|
||||
|
||||
- name: upload Anchore scan SARIF report
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
- name: Run Snyk to check Docker image for vulnerabilities
|
||||
- name: Run Snyk to check Docker image for vulnerabilities 🚓
|
||||
# Snyk can be used to break the build when it detects vulnerabilities.
|
||||
# In this case we want to upload the issues to GitHub Code Scanning
|
||||
continue-on-error: true
|
||||
uses: snyk/actions/docker@master
|
||||
id: snyk
|
||||
env:
|
||||
# In order to use the Snyk Action you will need to have a Snyk API token.
|
||||
# More details in https://github.com/snyk/actions#getting-your-snyk-token
|
||||
|
@ -98,4 +101,4 @@ jobs:
|
|||
- name: Upload result to GitHub Code Scanning
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: snyk.sarif
|
||||
sarif_file: ${{ steps.snyk.outputs.sarif }}
|
||||
|
|
Loading…
Reference in a new issue