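#!/bin/bash
###########################
# This script sources the security-scan.sh script from
# https://github.com/RedHatInsights/platform-security-gh-workflow
# This script, in combination with Jenkins, scans a repo's Dockerfile
# to provide a Software Bill of Materials (SBOM) and scan security vulnerabilities.
#
# The upstream script is fetched from the `master` branch at run time, so the
# code executed here is whatever that branch holds at that moment. To make the
# scan reproducible and resistant to upstream tampering, pin SCAN_SCRIPT_URL to
# a tag or commit and set SECURITY_SCAN_SHA256 (in the Jenkins environment) to
# the sha256 of that revision; when it is set, the download is refused unless
# it matches.
###########################
# -e: abort on error; -u: unset variables are errors; -o pipefail: a failing
# curl must fail the job instead of feeding an empty script to sh (which exits
# 0 and would report a "clean" scan that never ran); -x: keep the command
# trace the Jenkins console log relies on.
set -euxo pipefail

readonly IMAGE_NAME="better-platform-docs"
readonly DOCKERFILE_LOCATION="."
# (Severity Options: negligible, low, medium, high, critical)
readonly FAIL_ON_SEVERITY="high"
# Build on Podman or Docker
readonly PODMAN_OR_DOCKER="docker"
# Upstream scanner script; prefer a tag or commit ref over master.
readonly SCAN_SCRIPT_URL="https://raw.githubusercontent.com/RedHatInsights/platform-security-gh-workflow/master/jenkins/security-scan.sh"
# Optional: expected sha256 of the upstream script (empty = no verification).
SECURITY_SCAN_SHA256="${SECURITY_SCAN_SHA256:-}"

# Download to a private temp file instead of piping into sh, so a truncated or
# failed transfer is detected before anything executes, and so the digest is
# checked against the exact bytes that will run.
scan_script="$(mktemp)"
cleanup() { rm -f -- "${scan_script}"; }
trap cleanup EXIT

# --fail turns HTTP errors (e.g. a 404 for a moved file) into a non-zero exit.
curl -sSL --fail -o "${scan_script}" -- "${SCAN_SCRIPT_URL}"
[[ -s "${scan_script}" ]] || { echo "downloaded security-scan.sh is empty" >&2; exit 1; }

if [[ -n "${SECURITY_SCAN_SHA256}" ]]; then
  printf '%s  %s\n' "${SECURITY_SCAN_SHA256}" "${scan_script}" | sha256sum -c --status \
    || { echo "security-scan.sh digest mismatch; refusing to run it" >&2; exit 1; }
fi

sh "${scan_script}" "${IMAGE_NAME}" "${DOCKERFILE_LOCATION}" "${FAIL_ON_SEVERITY}" "${PODMAN_OR_DOCKER}"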