From 610a5d97c7edb6b430dfad63951254d59284f400 Mon Sep 17 00:00:00 2001
From: Giuseppe Iannelli
Date: Thu, 26 Sep 2024 14:36:01 +0200
Subject: [PATCH] debug(cve-scan-patch): find the docker auth file
---
 .github/workflows/cve-scan-and-patching.yml | 86 +++++++++++----------
 1 file changed, 46 insertions(+), 40 deletions(-)
diff --git a/.github/workflows/cve-scan-and-patching.yml b/.github/workflows/cve-scan-and-patching.yml
index 9c47516..0a374e1 100644
--- a/.github/workflows/cve-scan-and-patching.yml
+++ b/.github/workflows/cve-scan-and-patching.yml
@@ -10,6 +10,9 @@ on:
 #schedule:
 # - cron: "0 2 * * *"
+env:
+ DOCKER_CONFIG: ${{ env.RUNNER_TEMP }}/docker
+
 jobs:
 scan-and-patching:
 runs-on: ubuntu-latest
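Review bot: `DOCKER_CONFIG: ${{ env.RUNNER_TEMP }}/docker` in the workflow-level `env:` block is unlikely to resolve as intended: the `env` context only holds variables the workflow itself sets, not runner defaults such as RUNNER_TEMP, and it is not among the contexts available to top-level `env:`, so the value is either rejected when the workflow is parsed or expands to `/docker`. This matters more than a normal typo because the registry login step (its `registry`/`username`/`password` keys appear in the next hunk) writes the credential file into whatever `$DOCKER_CONFIG` points at, so a wrong path silently relocates a secret rather than failing loudly. Set the path where the runner is known, e.g. in a step placed before the login: `run: echo "DOCKER_CONFIG=${RUNNER_TEMP}/docker" >> "$GITHUB_ENV"`, or use `${{ runner.temp }}/docker` in a step-level `env:`.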
@@ -26,43 +29,46 @@ jobs:
 registry: registry.sighup.io
 username: ${{ secrets.SIGHUP_REGISTRY_USERNAME }}
 password: ${{ secrets.SIGHUP_REGISTRY_PASSWORD }}
- - name: Install furyctl, trivy and copa
- run: |
- sudo apt-get install wget apt-transport-https gnupg
- wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
- echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
- sudo apt-get update
- sudo apt-get install trivy
- trivy --version
-
- wget https://github.com/sighupio/furyctl/releases/download/v0.29.7/furyctl-linux-amd64.tar.gz
- tar -xzvf furyctl-linux-amd64.tar.gz -C /usr/local/bin/
- furyctl version
-
- wget https://github.com/moby/buildkit/releases/download/v0.16.0/buildkit-v0.16.0.linux-amd64.tar.gz
- tar -xzvf buildkit-v0.16.0.linux-amd64.tar.gz -C /usr/local/bin/ --strip-components=1
- buildctl --version
-
- wget https://github.com/project-copacetic/copacetic/releases/download/v0.8.0/copa_0.8.0_linux_amd64.tar.gz
- tar -xzvf copa_0.8.0_linux_amd64.tar.gz
- chmod +x copa
- sudo mv copa /usr/local/bin/
- copa --version
-
- - name: Execute scan and patching
- run: |
- cd CVEs
- make trivy-download-db
- make all
- echo "todayDate=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
- echo "KFD_VERSIONS=$(find CVEs -name "v*" -maxdepth 1 | cut -d/ -f2 | sort)" >> $GITHUB_ENV
-
- - name: publish patching report
- uses: actions/upload-artifact@v4
- with:
- name: cve-reports-${{env.todayDate}}
- path: |
- CVEs/v*/images.txt
- CVEs/v*/built.yaml
- CVEs/v*/*.md
- CVEs/v*/*.log
+ - name: find DOCKER_AUTH_CONFIG
+ run: |
+ ls -l ${{ DOCKER_CONFIG}}
+# - name: Install furyctl, trivy and copa
+# run: |
+# sudo apt-get install wget apt-transport-https gnupg
+# wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
+# 
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+# sudo apt-get update
+# sudo apt-get install trivy
+# trivy --version
+#
+# wget https://github.com/sighupio/furyctl/releases/download/v0.29.7/furyctl-linux-amd64.tar.gz
+# tar -xzvf furyctl-linux-amd64.tar.gz -C /usr/local/bin/
+# furyctl version
+#
+# wget https://github.com/moby/buildkit/releases/download/v0.16.0/buildkit-v0.16.0.linux-amd64.tar.gz
+# tar -xzvf buildkit-v0.16.0.linux-amd64.tar.gz -C /usr/local/bin/ --strip-components=1
+# buildctl --version
+#
+# wget https://github.com/project-copacetic/copacetic/releases/download/v0.8.0/copa_0.8.0_linux_amd64.tar.gz
+# tar -xzvf copa_0.8.0_linux_amd64.tar.gz
+# chmod +x copa
+# sudo mv copa /usr/local/bin/
+# copa --version
+#
+# - name: Execute scan and patching
+# run: |
+# cd CVEs
+# DOCKER_AUTH_CONFIG=
+# make trivy-download-db
+# make all
+# echo "todayDate=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
+#
+# - name: publish patching report
+# uses: actions/upload-artifact@v4
+# with:
+# name: cve-reports-${{env.todayDate}}
+# path: |
+# CVEs/v*/images.txt
+# CVEs/v*/built.yaml
+# CVEs/v*/*.md
+# CVEs/v*/*.log
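Review bot: `ls -l ${{ DOCKER_CONFIG}}` in the new `find DOCKER_AUTH_CONFIG` step is not a valid expression — a named value needs a context (`env.DOCKER_CONFIG`), so the workflow should fail validation before the job starts. Since the variable is already exported to the shell, the cleaner form is `ls -l "$DOCKER_CONFIG"`, which also keeps expression interpolation out of the `run:` script. Keep this debug output to a directory listing as it is now: the file in that directory holds the registry login written by the preceding step, so nothing should print its contents into the job log, and the step should be removed once the commented-out install/scan/upload steps are restored. The commented block also carries a bare `DOCKER_AUTH_CONFIG=` line that will need a real assignment or removal when it is re-enabled.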