mirror of
https://github.com/donaldzou/WGDashboard.git
synced 2025-06-28 01:06:58 +00:00
b04f7b2d2c
* Separated tasks (again) and separate builds (#8) * Update docker-build.yml Updated `GHCR_TOKEN` to `GITHUB_TOKEN` --------- Co-authored-by: Donald Zou <donaldzou@live.hk>
38 lines
900 B
YAML
38 lines
900 B
YAML
name: Docker Scan
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
trigger-scan:
|
|
description: 'Trigger a manual scan'
|
|
required: true
|
|
default: 'true'
|
|
|
|
env:
|
|
DOCKER_IMAGE: donaldzou/wgdashboard
|
|
|
|
jobs:
|
|
docker_scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Log in to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: docker.io
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
|
|
|
|
- name: Docker Scout CVEs
|
|
uses: docker/scout-action@v1
|
|
with:
|
|
command: cves
|
|
image: ${{ env.DOCKER_IMAGE }}:nightly
|
|
only-severities: critical,high
|
|
only-fixed: true
|
|
write-comment: true
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
exit-code: true
|