This repository has been archived by the owner on Feb 21, 2024. It is now read-only.

fix(container): update image cloudflare/cloudflared to v2023.7.1 #2245

Workflow file for this run

.github/workflows/scan-containers.yaml at 8d1589e

	---
	name: Scan Containers

	on: # yamllint disable-line rule:truthy
	pull_request:
	branches:
	- main
	paths:
	- "cluster/**.yaml"
	- "ansible/**.yml.j2"

	jobs:
	detect-file-changes:
	name: Detect File Changes
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	- uses: dorny/paths-filter@v2
	id: filter
	with:
	list-files: json
	filters: \|
	yaml:
	- added\|modified: "**.yaml"
	- added\|modified: "**.yml"
	- added\|modified: "**.yaml.j2"
	- added\|modified: "**.yml.j2"
	outputs:
	yaml_files: ${{ steps.filter.outputs.yaml_files }}
	detect-containers:
	name: Detect Containers
	runs-on: ubuntu-latest
	needs: detect-file-changes
	strategy:
	matrix:
	file: ${{ fromJSON(needs.detect-file-changes.outputs.yaml_files) }}
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Install Jo
	run: \|
	sudo apt-get install jo
	- name: Detect Containers in Files
	id: containers
	run: \|
	containers=$(.github/scripts/container-parser.sh --file "${{ matrix.file }}")
	echo "${containers}"
	echo ::set-output name=containers::${containers}
	outputs:
	containers: ${{ steps.containers.outputs.containers }}
	scan-containers:
	name: Scan Containers
	runs-on: ubuntu-latest
	needs: detect-containers
	strategy:
	matrix: ${{ fromJSON(needs.detect-containers.outputs.containers) }}
	fail-fast: false
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Scan Container
	uses: aquasecurity/[email protected]
	with:
	image-ref: ${{ matrix.containers }}
	vuln-type: os,library
	severity: CRITICAL,HIGH
	format: sarif
	output: trivy-results.sarif
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: trivy-results.sarif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(container): update image cloudflare/cloudflared to v2023.7.1 #2245

Workflow file

fix(container): update image cloudflare/cloudflared to v2023.7.1 #2245

Jobs

Run details

Workflow file for this run