Skip to content

Merge pull request #3798 from zowe/users/robot/promote-ptf-from-29 #2502

Merge pull request #3798 from zowe/users/robot/promote-ptf-from-29

Merge pull request #3798 from zowe/users/robot/promote-ptf-from-29 #2502

Workflow file for this run

name: Kubernetes Containers Scan
on:
push:
branches:
- staging
- v1.x/staging
pull_request:
types: [opened, synchronize]
workflow_dispatch:
inputs:
RANDOM_DISPATCH_EVENT_ID:
description: 'random dispatch event id'
required: false
type: string
jobs:
display-dispatch-event-id:
if: github.event.inputs.RANDOM_DISPATCH_EVENT_ID != ''
runs-on: ubuntu-latest
steps:
- name: RANDOM_DISPATCH_EVENT_ID is ${{ github.event.inputs.RANDOM_DISPATCH_EVENT_ID }}
run: echo "prints random dispatch event id sent from workflow dispatch event"
setup-matrix:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup image list matrix
id: setup-image-matrix
run: |
IMAGES_LIST=$(cat manifest.json.template | jq -r '.imageDependencies[] | "{\"image\": \"" + .registry + "/" + .name + ":" + .tag + "\"},"')
echo image-matrix={\"include\":[$IMAGES_LIST]} >> $GITHUB_OUTPUT
outputs:
image-matrix: ${{ steps.setup-image-matrix.outputs.image-matrix }}
snyk:
runs-on: ubuntu-latest
needs: setup-matrix
strategy:
matrix: ${{ fromJson(needs.setup-matrix.outputs.image-matrix) }}
steps:
- uses: actions/checkout@v2
- name: Run Snyk to check Docker image for vulnerabilities
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
continue-on-error: true
uses: snyk/actions/docker@master
# we don't have original Dockerfile, cannot generate and upload sarif
with:
image: ${{ matrix.image }}
command: test