From e7da517871bb6c5c75a606c502d0442b41e55a09 Mon Sep 17 00:00:00 2001 From: Gary Duan Date: Wed, 21 Sep 2022 17:11:09 -0700 Subject: [PATCH] Correct action name --- README.md | 18 +++++++++--------- action.yml | 3 ++- test/scan-image.bats | 20 ++++++++++---------- 3 files changed, 21 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 1d5281e..93cf6b3 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ jobs: run: | docker build -t registry.organization.com/org/image-name:${{ github.sha }} . - name: Scan Image - uses: bashofmann/neuvector-image-scan-action@main + uses: neuvector/scan-action@main with: image-repository: registry.organization.com/org/image-name image-tag: ${{ github.sha }} @@ -58,7 +58,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - name: Scan Remote Image - uses: bashofmann/neuvector-image-scan-action@main + uses: neuvector/scan-action@main with: image-registry: https://registry.organization.com/ image-registry-username: ${{ secrets.RegistryUsername }} @@ -110,7 +110,7 @@ The following inputs can be used in `step.with`: ```yaml -- uses: bashofmann/neuvector-image-scan-action@main +- uses: neuvector/scan-action@main with: # Registry of the image to scan, e.g. `https://registry.organization.com/` # Default: @@ -158,9 +158,9 @@ The following inputs can be used in `step.with`: -[release]: https://github.com/bashofmann/neuvector-image-scan-action/releases/latest -[release-img]: https://img.shields.io/github/release/bashofmann/neuvector-image-scan-action.svg?logo=github -[marketplace]: https://github.com/marketplace/actions/bashofmann/neuvector-image-scan -[marketplace-img]: https://img.shields.io/badge/marketplace-bashofmann/neuvector-image-scan--action-blue?logo=github -[license]: https://github.com/bashofmann/neuvector-image-scan-action/blob/master/LICENSE -[license-img]: https://img.shields.io/github/license/bashofmann/neuvector-image-scan-action +[release]: https://github.com/neuvector/scan-action/releases/latest +[release-img]: https://img.shields.io/github/release/neuvector/scan-action.svg?logo=github +[marketplace]: https://github.com/marketplace/actions/neuvector/scan-action +[marketplace-img]: https://img.shields.io/badge/marketplace-neuvector/scan--action-blue?logo=github +[license]: https://github.com/neuvector/scan-action/blob/master/LICENSE +[license-img]: https://img.shields.io/github/license/neuvector/scan-action diff --git a/action.yml b/action.yml index d30a4b2..9d1d94a 100644 --- a/action.yml +++ b/action.yml @@ -1,5 +1,6 @@ -name: 'NeuVector Image Scan' +name: 'NeuVector Vulnerability Scan Action' description: 'Scans a container image for vulnerabilities with [NeuVector](https://neuvector.com)' +author: 'SUSE NeuVector' inputs: image-registry: description: 'Registry of the image to scan, e.g. `https://registry.organization.com/`' diff --git a/test/scan-image.bats b/test/scan-image.bats index ad05af2..5109e1a 100644 --- a/test/scan-image.bats +++ b/test/scan-image.bats @@ -1,11 +1,11 @@ #!/usr/bin/env bats setup_file() { - docker build . -t bashofmann/neuvector-image-scan-action + docker build . -t neuvector/scan-action } @test "docker daemon not reachable" { - run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 bashofmann/neuvector-image-scan-action + run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -14,7 +14,7 @@ setup_file() { } @test "invalid scanner image" { - run docker run --rm -e NV_SCANNER_IMAGE=invalid-image:latest -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e NV_SCANNER_IMAGE=invalid-image:latest -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -23,7 +23,7 @@ setup_file() { } @test "scan image with vulnerabilities but don't fail" { - run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -32,7 +32,7 @@ setup_file() { } @test "scan image with vulnerabilities and high severity fail" { - run docker run --rm -e HIGH_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e HIGH_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -41,7 +41,7 @@ setup_file() { } @test "scan image with vulnerabilities and medium severity fail" { - run docker run --rm -e MEDIUM_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e MEDIUM_VUL_TO_FAIL=1 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -50,7 +50,7 @@ setup_file() { } @test "scan image with vulnerabilities and specific CVE fail" { - run docker run --rm -e VUL_NAMES_TO_FAIL=invalid,CVE-2020-16156 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e VUL_NAMES_TO_FAIL=invalid,CVE-2020-16156 -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -59,7 +59,7 @@ setup_file() { } @test "scan image with json output" { - run docker run --rm -e OUTPUT=json -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e OUTPUT=json -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output @@ -68,10 +68,10 @@ setup_file() { } @test "scan image with csv output" { - run docker run --rm -e OUTPUT=csv -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock bashofmann/neuvector-image-scan-action + run docker run --rm -e OUTPUT=csv -e SCANNER_REGISTRY=https://index.docker.io/ -e SCANNER_REPOSITORY=library/debian -e SCANNER_TAG=11.0 -v /var/run/docker.sock:/var/run/docker.sock neuvector/scan-action echo "Status $status" echo "Output" echo -e $output [ "$status" -eq 0 ] [[ "$output" =~ '"severity"' ]] -} \ No newline at end of file +}