adding Trivy scan, and try building without setup QEMU and Docker buildx

Dan Alima 2023-12-30 16:23:22 +02:00
parent 97be2fedb1
commit 823f7a88e4


@ -30,24 +30,16 @@ jobs:
- name: Run the tests - name: Run the tests
run: ./mvnw test run: ./mvnw test
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Package the project as a runnable Docker image - name: Package the project as a runnable Docker image
run: ./mvnw spring-boot:build-image run: ./mvnw spring-boot:build-image
- name: Set up JFrog CLI - name: Set up JFrog CLI
uses: jfrog/setup-jfrog-cli@v3 uses: jfrog/setup-jfrog-cli@v3
- name: Scan the project with your preferred SCA tool - name: Scan the project with your preferred SCA tool
run: jf docker scan docker.io/library/spring-petclinic:3.2.0-SNAPSHOT uses: aquasecurity/trivy-action@master
- name: Login to Docker Hub
uses: docker/login-action@v3
with: with:
username: ${{ secrets.DOCKERHUB_USERNAME }} image-ref: 'docker.io/library/spring-petclinic:3.2.0-SNAPSHOT'
password: ${{ secrets.DOCKERHUB_TOKEN }} format: 'table'
- name: Build and push exit-code: '1'
uses: docker/build-push-action@v5 ignore-unfixed: true
with: vuln-type: 'os,library'
push: true severity: 'CRITICAL,HIGH'
tags: user/app:latest
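Review bot: The new scan step uses `aquasecurity/trivy-action@master`, a mutable branch ref, so any commit pushed to that branch runs inside this job with access to the checkout and the workflow token. Pin it to a full commit SHA with the release noted in a comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # <release-tag>` (placeholders, to be filled from the action's releases); the other actions in this hunk are at least pinned to a major tag. With `ignore-unfixed: true` next to `exit-code: '1'`, the job fails only on HIGH/CRITICAL findings that already have a fix, so unfixed ones pass without notice; a one-line comment stating that this is intended would help. The `Set up JFrog CLI` step stays although the `jf docker scan` call appears to be the line this commit replaces; if nothing else in the workflow calls `jf`, that step can be dropped too.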