Resolve v1.1.0 errors (#55)

* debugging exception handling * debugging * tune log message --------- Co-authored-by: Michael Long <[email protected]>
aws-actions · Jun 4, 2024 · ecf6e39 · ecf6e39
1 parent ae0421a
commit ecf6e39
Show file tree

Hide file tree

Showing 11 changed files with 11 additions and 11 deletions.
diff --git a/.github/workflows/build_scan_container.yml b/.github/workflows/build_scan_container.yml
@@ -47,7 +47,7 @@ jobs:
           role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
 
       - name: Scan built image with Inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         id: inspector
         with:
           artifact_type: 'container'

diff --git a/.github/workflows/example_display_findings.yml b/.github/workflows/example_display_findings.yml
@@ -29,7 +29,7 @@ jobs:
       # modify this block to scan your intended artifact
       - name: Inspector Scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           # change artifact_type to either 'repository', 'container', 'binary', or 'archive'.
           # this example scans a container image

diff --git a/.github/workflows/test_archive.yml b/.github/workflows/test_archive.yml
@@ -32,7 +32,7 @@ jobs:
 
       - name: Test archive scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'archive'
           artifact_path: 'entrypoint/tests/test_data/artifacts/archives/testData.zip'

diff --git a/.github/workflows/test_binary.yml b/.github/workflows/test_binary.yml
@@ -32,7 +32,7 @@ jobs:
 
       - name: Test binary scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'binary'
           artifact_path: 'entrypoint/tests/test_data/artifacts/binaries/inspector-sbomgen'

diff --git a/.github/workflows/test_containers.yml b/.github/workflows/test_containers.yml
@@ -32,7 +32,7 @@ jobs:
 
       - name: Test container scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'container'
           artifact_path: 'ubuntu:14.04'

diff --git a/.github/workflows/test_dockerfile_vulns.yml b/.github/workflows/test_dockerfile_vulns.yml
@@ -31,7 +31,7 @@ jobs:
 
       - name: Scan Dockerfiles
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'repository'
           artifact_path: './'

diff --git a/.github/workflows/test_installation.yml b/.github/workflows/test_installation.yml
@@ -28,7 +28,7 @@ jobs:
           role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
 
       - name: Test Amazon Inspector GitHub Actions plugin
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'container'
           artifact_path: 'alpine:latest'

diff --git a/.github/workflows/test_no_vulns.yml b/.github/workflows/test_no_vulns.yml
@@ -28,7 +28,7 @@ jobs:
 
       - name: Test binary scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'binary'
           artifact_path: 'entrypoint/tests/test_data/artifacts/binaries/test_go_binary'

diff --git a/.github/workflows/test_repository.yml b/.github/workflows/test_repository.yml
@@ -31,7 +31,7 @@ jobs:
 
       - name: Test repository scan
         id: inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         with:
           artifact_type: 'repository'
           artifact_path: './'

diff --git a/.github/workflows/test_vuln_thresholds.yml b/.github/workflows/test_vuln_thresholds.yml
@@ -30,7 +30,7 @@ jobs:
           role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
 
       - name: Scan artifact with Inspector
-        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.1.0
+        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@debugging_1.1.0_errors
         id: inspector
         with:
           artifact_type: 'archive'

diff --git a/entrypoint/entrypoint/orchestrator.py b/entrypoint/entrypoint/orchestrator.py
@@ -60,7 +60,7 @@ def post_dockerfile_step_summary(args, total_vulns):
             with open(args.out_dockerfile_scan_md, "r") as f:
                 dockerfile_markdown = f.read()
         except Exception as e:
-            logging.info(e)
+            logging.debug(e) # can be spammy, so set as debug log
             return
 
         if not dockerfile_markdown: