Container Scan from Config
uses: huntridge-labs/argus/.github/workflows/container-scan-from-config.yml@1.1.0
Pipeline
3 jobs (1 matrix) ยท scroll to zoom ยท drag to pan
Triggers
- Manual dispatch
- Reusable (called by other workflows)
Permissions
| Scope | Access |
|---|---|
contents |
read |
security-events |
write |
actions |
read |
pull-requests |
write |
id-token |
write |
packages |
read |
Inputs
| Input | Description | Required | Default |
|---|---|---|---|
config_file |
Path to container config file (YAML, JSON, or JS) string | No | examples/container-config.example.yml |
Jobs
parse-config โ Parse Container Config
Runs on: ubuntu-latest
Steps:
- Checkout repository โ
actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - Parse container config โ
huntridge-labs/argus/.github/actions/parse-container-config@1.1.0
Actions used:
- ๐ฆ
parse-container-configโ Parse Container Config
scan-containers โ Scan ${{ matrix.name }}
Runs on: ubuntu-latest ยท Depends on: parse-config ยท Condition: needs.parse-config.outputs.has_containers == 'true'
Steps:
- Checkout repository โ
actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - Set up Python โ
actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 - Install argus dependencies
- Authenticate to container registry
- Run container security scanners via argus CLI
scan-summary โ Container Scan Summary
Runs on: ubuntu-latest ยท Depends on: parse-config, scan-containers ยท Condition: always()
Steps:
- Generate container scan summary โ
huntridge-labs/argus/.github/actions/scanner-container-summary@1.1.0
Actions used:
- ๐ฆ
scanner-container-summaryโ Container Scanner Summary
All Composite Actions Referenced
- ๐ฆ
parse-container-configโ Parse Container Config - ๐ฆ
scanner-container-summaryโ Container Scanner Summary