Skip to content

Commit

Permalink
x
Browse files Browse the repository at this point in the history 
Signed-off-by: Derek Nola <[email protected]>
  • Loading branch information
@dereknola
dereknola committed Sep 11, 2024
1 parent ce52b11 commit 5e91f28
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions .github/workflows/trivy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,17 @@ jobs:

- name: Build RKE2 Image
run: SKIP_WINDOWS=true make build-image-runtime
- name: Save Newest Tag
- name: Save Runtime Tag
id: rke2-tag
run: |
docker images --format "{{.Repository}}:{{.Tag}} {{.CreatedAt}}"
NEWEST_TAG=$(docker images --format "{{.Repository}}:{{.Tag}} {{.CreatedAt}}" | grep "rancher/rke2-runtime" | sort -k2 -r | head -n1 | awk '{print $1}')
echo "{NEWEST_TAG}={$NEWEST_TAG}" >> "$GITHUB_ENV"
TAG=$(docker images --format "{{.Repository}}:{{.Tag}} {{.CreatedAt}}" | grep "rancher/rke2-runtime" | sort -k2 -r | head -n1 | awk '{print $1}')
echo "TAG=${TAG}" >> "$GITHUB_OUTPUT"
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: 'rancher/rke2-runtime:${{ env.NEWEST_TAG }}'
image-ref: 'rancher/rke2-runtime:${{ steps.rke2-tag.outputs.TAG }}'
format: 'table'
severity: "HIGH,CRITICAL"
output: "trivy-report.txt"
Expand Down

0 comments on commit 5e91f28

Please sign in to comment.