1
0
mirror of https://github.com/donaldzou/WGDashboard.git synced 2024-11-06 16:00:28 +01:00
WGDashboard/.github/workflows/main.yml
2024-08-24 01:34:03 -05:00

50 lines
1.4 KiB
YAML

name: Docker Image Build and Analysis
on:
schedule:
- cron: "0 0 * * *" # Schedule the workflow to run daily at midnight (UTC time). Adjust the time if needed.
workflow_dispatch: # Manual run trigger
inputs:
trigger-build:
description: 'Trigger a manual build and push'
default: 'true'
jobs:
build-and-analyze:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker image
id: build-image
run: |
docker build -t my-app-image:latest .
- name: Install Docker Scout
run: |
curl -sSfL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh -s --
- name: Analyze Docker image with Docker Scout
id: analyze-image
run: |
# Get the current date in YYYY-MM-DD format
DATE=$(date +'%Y-%m-%d')
OUTPUT_FILE=".github/workflows/cve-report-$DATE.json"
docker scout cves my-app-image:latest > $OUTPUT_FILE
echo "CVE report saved to $OUTPUT_FILE"
- name: Upload Scout results
uses: actions/upload-artifact@v3
with:
name: scout-results
path: .github/workflows/cve-report-*.json