File tree 1 file changed +15
-1
lines changed
1 file changed +15
-1
lines changed Original file line number Diff line number Diff line change @@ -250,7 +250,6 @@ jobs:
250250 # The folders are skipped, because the folders contain many files, which
251251 # are not relevant for the image security. The scan is faster without them.
252252
253- # upload fails: https://github.com/github/codeql-action/issues/2117
254253 - name : 🛡️🔼 Upload Trivy scan results to GitHub Security tab
255254 uses : github/codeql-action/upload-sarif@v3 # https://github.com/github/codeql-action
256255 with :
@@ -264,3 +263,18 @@ jobs:
264263 format : ' list'
265264 exit-code : ' 0'
266265 exit-level : ' warn'
266+
267+ - name : 🛡️🔍 Scan Image for Vulnerabilities using Docker Scout
268+ uses : docker/scout-action@v1 # https://github.com/docker/scout-action
269+ with :
270+ command : cves,recommendations
271+ only-severities : critical,high
272+ image : ${{ steps.metadata-base.outputs.tags }}
273+ format : ' json'
274+ sarif-file : ' scout-results.sarif.json'
275+ summary : true
276+
277+ - name : 🛡️🔼 Upload Docker Scout scan results to GitHub Security tab
278+ uses : github/codeql-action/upload-sarif@v3 # https://github.com/github/codeql-action
279+ with :
280+ sarif_file : ' scout-results.sarif.json'
You can’t perform that action at this time.
0 commit comments