Skip to content

Adding scanning of built container #76

Adding scanning of built container

Adding scanning of built container #76

name: PR build - master
on:
pull_request:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 11 ]
steps:
- uses: actions/checkout@v2
- name: Set up Java
uses: actions/setup-java@v1
with:
java-version: ${{ matrix.java }}
- name: Cache local Maven repository
uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Build with Maven
run: mvn -B -U verify --file pom.xml
scan-with-lacework:
name: Trigger LaceWork Scanning
runs-on: ubuntu-latest
needs: [ build ]
if: success()
steps:
- name: Trigger LaceWork Scanning using a different method
run: |
docker run -e LW_ACCOUNT_NAME=$LW_ACCOUNT_NAME -e LW_ACCESS_TOKEN=$LW_ACCESS_TOKEN -e LW_SCANNER_SAVE_RESULTS=true -e LW_SCANNER_DISABLE_UPDATES=false -v /var/run/docker.sock:/var/run/docker.sock lacework/lacework-inline-scanner:latest image evaluate swaggerapi/swagger-codegen-cli latest --docker-server index.docker.io --docker-username $docker_user --docker-password $docker_password > /dev/null 2>&1
env:
LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
docker_user: ${{ secrets.DOCKERHUB_SB_USERNAME}}
docker_password: ${{ secrets.DOCKERHUB_SB_PASSWORD}}