Skip to content
Build and Push mvt-project/mvt to burso/mvt

another way how to generate sarif artifact #20

Sign in to view logs

another way how to generate sarif artifact

another way how to generate sarif artifact #20

Workflow file for this run

.github/workflows/mvt-project.yml at 89ea69e
name: Build and Push mvt-project/mvt to burso/mvt
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
security-events: write
jobs:
build-and-push:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
steps:
- uses: actions/checkout@v3
- uses: snyk/actions/setup@master
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: ${{ github.workspace }}/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build and push Docker image
run: |
docker buildx build --push \
--tag ${{ secrets.DOCKER_HUB_USERNAME }}/mvt:latest \
--platform linux/amd64,linux/arm64 ./files/mvt-project
- name: Logout from Docker Hub
run: docker logout
- name: Check burso/mvt-project image
uses: snyk/actions/docker@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: ${{ secrets.DOCKER_HUB_USERNAME }}/mvt:latest
args: --file=./files/mvt-project/Dockerfile
json: true
- uses: garethr/snyk-to-sarif@master
- uses: actions/upload-artifact@v2
with:
name: SARIF
path: snyk.sarif
- name: Upload SARIF Report to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: sarif-reports/snyk.sarif