Skip to content

Commit

Permalink
Use env variable for docker image name
Browse files Browse the repository at this point in the history
  • Loading branch information
@danjov
danjov committed Nov 7, 2024
1 parent 7696c5d commit 376a464
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions .github/workflows/trivy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,16 +22,20 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4

- name: Set environment variables
run: |
echo IMAGE_NAME=$REGISTRY/$(echo ${GITHUB_REPOSITORY,,}) >> $GITHUB_ENV
- name: Build image from Dockerfile
run: |
docker build --build-arg VERSION=$GITHUB_RUN_NUMBER --build-arg REVISION=${{ github.sha }} -t ghcr.io/$GITHUB_REPOSITORY:${{ github.sha }} .
docker build --build-arg VERSION=$GITHUB_RUN_NUMBER --build-arg REVISION=${{ github.sha }} -t ${{ env.IMAGE_NAME }}:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
env:
ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Addresses https://github.com/aquasecurity/trivy-action/issues/389
with:
image-ref: 'ghcr.io/geowerkstatt/interlis-check-service:${{ github.sha }}'
image-ref: '${{ env.IMAGE_NAME }}:${{ github.sha }}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
Expand Down

1 comment on commit 376a464

@flenny
Copy link
Member

@flenny flenny commented on 376a464 Nov 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Topp 👍

Please sign in to comment.