Skip to content

fix: Dockerfile to reduce vulnerabilities #76

fix: Dockerfile to reduce vulnerabilities

fix: Dockerfile to reduce vulnerabilities #76

Workflow file for this run

name: Tests
on: [push]
jobs:
test_job:
runs-on: ubuntu-latest
name: A job to run a container security scan
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Running tests
run: |
echo "Installing app dependencies"
pip install -r requirements.txt
echo "Installing test dependencies"
pip install -r requirements-test.txt
echo "Setting python path"
export PYTHONPATH=.
echo "Running tests"
pytest tests/
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Build
uses: docker/build-push-action@v2
with:
context: .
push: false
tags: actions/consec:latest
load: true
- name: Runs the container security scan
uses: ./
id: consec
with:
repo_name: actions/consec
tag_name: latest
wait_for_results: true
env:
ACCESS_KEY: ${{ secrets.ACCESS_KEY }}
SECRET_KEY: ${{ secrets.SECRET_KEY }}
- name: Gets the risk score
run: echo "The risk score ${{ steps.consec.outputs.risk_score }}"
- name: Gets the risk scores for cves
run: echo "The cve information is ${{ steps.consec.outputs.cve_info }}"