Skip to content
EnableSecurity/wafw00f

Sonarcloud ghauri #23

Sign in to view logs

Sonarcloud ghauri

Sonarcloud ghauri #23

Workflow file for this run

.github/workflows/wafw00f.yml at 5a75ae0
name: EnableSecurity/wafw00f
on:
push:
branches:
- main # Change to your default branch if not main
pull_request:
branches:
- main # Change to your default branch if not main
permissions:
contents: read
packages: write
security-events: write
jobs:
build-and-push:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
steps:
- uses: actions/checkout@v3
- uses: snyk/actions/setup@master
- name: Set release version
id: set_version
run: echo "RELEASE_VERSION=2.2.0" >> $GITHUB_ENV
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Cache Docker layers
uses: actions/cache@v3
with:
path: ${{ github.workspace }}/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build and push Docker image
run: |
docker buildx build --push \
--tag ghcr.io/${{ github.repository_owner }}/wafw00f:${{ env.RELEASE_VERSION }} \
--tag ghcr.io/${{ github.repository_owner }}/wafw00f:latest \
--platform linux/amd64,linux/arm64 ./files/wafw00f
- name: Logout from Docker Hub
run: docker logout
- name: Check ghcr.io/${{ github.repository_owner }}/wafw00f:${{ env.RELEASE_VERSION }} image
uses: snyk/actions/docker@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: ghcr.io/${{ github.repository_owner }}/wafw00f:${{ env.RELEASE_VERSION }}
args: --file=./files/wafw00f/Dockerfile
json: true
- uses: garethr/snyk-to-sarif@master
- uses: actions/upload-artifact@v4
with:
name: SARIF
path: snyk.sarif
- name: Upload SARIF Report to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif