Skip to content
Build, push and scan Docker image

update golang.org/x/net to v0.32.0 #1

Sign in to view logs

update golang.org/x/net to v0.32.0

update golang.org/x/net to v0.32.0 #1

Workflow file for this run

.github/workflows/docker-build-scan.yml at b1130bd
name: Build, push and scan Docker image
on:
push:
paths:
- "poc-prerequisite/kubescape-sizing-checker/Dockerfile"
- "poc-prerequisite/kubescape-sizing-checker/cmd"
- "poc-prerequisite/kubescape-sizing-checker/pkg"
- "poc-prerequisite/kubescape-sizing-checker/go.mod"
- "poc-prerequisite/kubescape-sizing-checker/go.sum"
workflow_dispatch:
jobs:
build-and-scan:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
- name: Set up QEMU (for multi-platform support)
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and push multi-platform Docker image
id: build-image
run: |
# Generate a short commit SHA for a unique tag
SHORT_SHA="${GITHUB_SHA:0:7}"
# Create and use a new buildx builder (if needed)
docker buildx create --use
# Build and push multi-architecture images
docker buildx build \
--platform linux/amd64,linux/arm64 \
-t quay.io/danvid/kubescape-sizing-checker:latest \
-t quay.io/danvid/kubescape-sizing-checker:${SHORT_SHA} \
--push \
./poc-prerequisite/kubescape-sizing-checker
- name: Install Kubescape
run: |
curl -s https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash
- name: Run Kubescape to scan image
run: |
# You can choose to scan the 'latest' tag or the specific commit tag
$HOME/.kubescape/bin/kubescape scan image quay.io/danvid/kubescape-sizing-checker:latest \
--severity-threshold critical \
--format sarif \
--output results-image.sarif
- name: Upload image scan results to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results-image.sarif
category: image-scan