diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1d4efb7..c42fb2e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,14 +26,38 @@ jobs: - name: Build Docker image id: build-image run: | + echo "Building Docker image..." docker build -t my-app-image:latest . + echo "Docker image built successfully." - name: Install Docker Scout run: | + echo "Installing Docker Scout..." curl -sSfL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh -s -- + echo "Docker Scout installed successfully." - name: Analyze Docker image with Docker Scout id: analyze-image run: | - docker scout cves my-app-image:latest > scout-results.json - cat scout-results.json # Print the report to the workflow logs for easy viewing + echo "Analyzing Docker image with Docker Scout..." + docker scout cves my-app-image:latest > scout-results.txt + cat scout-results.txt # Print the report to the workflow logs for easy viewing + echo "Docker Scout analysis completed." + + - name: Create GitHub issue comment + uses: peter-evans/create-issue-comment@v3 + with: + issue-number: 1 # Replace with the issue number or use an appropriate method to identify the issue or PR + body: | + **Docker Image Build and Analysis Report** + + The Docker image was built and analyzed successfully. + + **Build Summary:** + - Image Tag: my-app-image:latest + + **Analysis Report:** + ``` + $(cat scout-results.txt) + ``` + token: ${{ secrets.GITHUB_TOKEN }}