Container Scan from Config
uses: huntridge-labs/argus/.github/workflows/container-scan-from-config.yml@1.8.1
Pipeline
3 jobs (1 matrix) ยท scroll to zoom ยท drag to pan
Triggers
- Manual dispatch
- Reusable (called by other workflows)
Permissions
| Scope | Access |
|---|---|
contents |
read |
security-events |
write |
actions |
read |
pull-requests |
write |
id-token |
write |
packages |
read |
Inputs
| Input | Description | Required | Default |
|---|---|---|---|
config_file |
Path to container config file (YAML, JSON, or JS) string | No | examples/container-config.example.yml |
Jobs
parse-config โ Parse Container Config
Runs on: ubuntu-latest
Steps:
- Checkout repository โ
actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 - Parse container config โ
huntridge-labs/argus/.github/actions/parse-container-config@1.8.1
Actions used:
- ๐ฆ
parse-container-configโ Parse Container Config
scan-containers โ Scan ${{ matrix.name }}
Runs on: ubuntu-latest ยท Depends on: parse-config ยท Condition: needs.parse-config.outputs.has_containers == 'true'
Steps:
- Checkout repository โ
actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 - Set up Python โ
actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 - Install Argus โ
huntridge-labs/argus/.github/actions/setup-argus@1.8.1 - Authenticate to container registry
- Run container security scanners via argus CLI
- Upload container summary section โ
actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
scan-summary โ Container Scan Summary
Runs on: ubuntu-latest ยท Depends on: parse-config, scan-containers ยท Condition: always()
Steps:
- Generate container scan summary โ
huntridge-labs/argus/.github/actions/security-summary@1.8.1
Actions used:
- โ๏ธ
security-summaryโ Security Summary
All Composite Actions Referenced
- ๐ฆ
parse-container-configโ Parse Container Config - โ๏ธ
security-summaryโ Security Summary