Give Anchore a new chance

2024-11-22 15:32:01 +01:00 · 2022-06-24 13:25:11 +02:00 · 2022-06-24 13:25:11 +02:00 · e6a00874d2
commit e6a00874d2
parent 19a5a197e1
1 changed files with 14 additions and 14 deletions
--- a/.github/workflows/anchore-analysis.yml
+++ b/.github/workflows/anchore-analysis.yml
@ -14,17 +14,17 @@ jobs:
  Anchore-Build-Scan:
    runs-on: ubuntu-latest
    steps:
-    - name: Checkout the code
+      - name: Set up Docker Buildx
-      uses: actions/checkout@v2
+        uses: docker/setup-buildx-action@v1
-    - name: Build the Docker image
+
-      run: docker build . --file Dockerfile --tag localbuild/testimage:latest      
+      - name: build local container
-    - name: Run the local Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
+        uses: docker/build-push-action@v2
-      uses: anchore/scan-action@main
+        with:
-      with:
+          tags: localbuild/testimage:latest
-        image: "localbuild/testimage:latest"
+          push: false
-        dockerfile-path: "Dockerfile"
+          load: true
-        acs-report-enable: true
+
-    - name: Upload Anchore Scan Report
+      - name: Scan image
-      uses: github/codeql-action/upload-sarif@v1
+        uses: anchore/scan-action@v3
-      with:
+        with:
-        sarif_file: results.sarif
+          image: "localbuild/testimage:latest"