From 429f5e7568df699c68c8e7088c2623b9646722ea Mon Sep 17 00:00:00 2001
From: Alexey Pustovalov <alexey.pustovalov@zabbix.com>
Date: Fri, 17 Jan 2025 16:44:37 +0900
Subject: [PATCH] Added container scan tool
---
 .github/workflows/images_build.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml
index 1cee32076..41bae5f41 100644
--- a/.github/workflows/images_build.yml
+++ b/.github/workflows/images_build.yml
@@ -392,6 +392,12 @@ jobs:
 cache-from: ${{ steps.cache_data.outputs.cache_from }}
 cache-to: ${{ steps.cache_data.outputs.cache_to }}
+ - name: Scan for vulnerabilities
+ uses: crazy-max/ghaction-container-scan@v3
+ with:
+ image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+ annotations: true
+
 - name: Sign the images with GitHub OIDC Token
 if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
 env:
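Review bot: The added step references a third-party action by a mutable tag, `uses: crazy-max/ghaction-container-scan@v3`, in the same job that goes on to sign images with the GitHub OIDC token, so a retagged release would run with whatever permissions that job holds; pin it to a full commit SHA, e.g. `uses: crazy-max/ghaction-container-scan@<full-commit-sha> # v3`. The step sets only `image` and `annotations`, so as far as the hunk shows it reports findings without failing the job, and the signing step still runs on an image with known issues; add `severity_threshold: <level>` if the scan is meant to gate signing. Unlike the signing step it carries no `if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}` guard and it scans `tags[0]` rather than the digest that was just built, so on a run that pushes nothing it may scan a previously published image under that tag or fail to find one. That last point depends on the build step's push/load settings, which sit above the hunk.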