1
0
mirror of https://github.com/donaldzou/WGDashboard.git synced 2024-11-22 15:20:09 +01:00

Update main.yml

This commit is contained in:
Noxcis 2024-08-24 02:04:46 -05:00 committed by GitHub
parent 75fbdac42e
commit 53c9ca10a7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -17,34 +17,27 @@ jobs:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to Docker Hub - name: Log in to Docker Hub
uses: docker/login-action@v3 uses: docker/login-action@v3
with: with:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker image - name: Build multiarch Docker image
id: build-image id: build-image
run: | run: |
docker build -t my-app-image:latest . docker buildx create --use
docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t wg-dashboard:latest --push .
- name: Install Docker Scout - name: Docker Scout
run: | id: docker-scout
curl -sSfL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh -s -- uses: docker/scout-action@v1
- name: Analyze Docker image with Docker Scout
id: analyze-image
run: |
# Get the current date in YYYY-MM-DD format
DATE=$(date +'%Y-%m-%d')
OUTPUT_FILE=".github/workflows/cve-report-$DATE.json"
docker scout cves my-app-image:latest > $OUTPUT_FILE
echo "CVE report saved to $OUTPUT_FILE"
cat $OUTPUT_FILE
- name: Upload Scout results
uses: actions/upload-artifact@v3
with: with:
name: scout-results command: scan
path: .github/workflows/cve-report-*.json image: wg-dashboard:latest
ignore-unchanged: true
only-severities: critical,high
github-token: ${{ secrets.GITHUB_TOKEN }}