Skip to content
CVE Scanning for Docker

Merge branch 'next' into renovate/org.owasp.dependencycheck-8.x #262

Sign in to view logs

Merge branch 'next' into renovate/org.owasp.dependencycheck-8.x

Merge branch 'next' into renovate/org.owasp.dependencycheck-8.x #262

Workflow file for this run

.github/workflows/cve-scanning-docker.yml at 114b558
name: CVE Scanning for Docker
on: [push, pull_request]
jobs:
scan-docker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# https://github.com/docker-practice/actions-setup-docker/pull/33
- uses: docker-practice/actions-setup-docker@d7be7913d15a6b821cc3ed75b4c03b48e1dde22c
- name: Build
run: docker build -f Dockerfile -t user/app:latest .
working-directory: docker
- name: Scan for vulnerabilities
uses: crazy-max/ghaction-container-scan@abc19c42f7fcd8510a3fe690fc68744fa4970c78
with:
image: user/app:latest
env:
TRIVY_TIMEOUT: 20m