From 6938d4d9b2e9edc2a99e51fb2263727289890c7e Mon Sep 17 00:00:00 2001
From: r3drun3
Date: Thu, 18 Apr 2024 18:59:37 +0200
Subject: [PATCH] ci(patch): test
Signed-off-by: r3drun3
---
 .github/workflows/patch.yaml | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/patch.yaml b/.github/workflows/patch.yaml
index f753d10..f2e3da2 100644
--- a/.github/workflows/patch.yaml
+++ b/.github/workflows/patch.yaml
@@ -48,9 +48,19 @@ jobs:
 username: ${{ secrets.SIGHUP_REGISTRY_USERNAME }}
 password: ${{ secrets.SIGHUP_REGISTRY_PASSWORD }}
+ - name: Set Image Tag
+ id: set_tag
+ run: |
+ TAG=$(echo "${{ matrix.target }}" | grep -o '[^:]*$')
+ IMMUNIZED_TAG="${TAG}"
+ PATCHED_TAG_SBOM=$(echo "${{ matrix.target }}" | tr '/:' '-')
+ IMAGE_NAME=$(echo "${{ matrix.target }}" | sed -E 's|.*/([^:/]+/[^:/]+).*|\1|')
+ echo "PATCHED_TAG=${IMMUNIZED_TAG}" >> $GITHUB_ENV
+ echo "PATCHED_TAG_SBOM=${PATCHED_TAG_SBOM}" >> $GITHUB_ENV
+ echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
+
 - name: Generate Trivy Report
 id: trivy
- continue-on-error: true
 uses: aquasecurity/trivy-action@69cbbc0cbbf6a2b0bab8dcf0e9f2d7ead08e87e4
 with:
 scan-type: 'image'
@@ -63,23 +73,12 @@ jobs:
 - name: Check Vuln Count
 id: vuln_count
- continue-on-error: true
 run: |
 report_file="report.json"
 vuln_count=$(jq '.Results | length' "$report_file")
 echo "vuln_count=$vuln_count" >> $GITHUB_OUTPUT
 echo $vuln_count
- - name: Set Image Tag
- id: set_tag
- run: |
- TAG=$(echo "${{ matrix.target }}" | grep -o '[^:]*$')
- IMMUNIZED_TAG="${TAG}"
- PATCHED_TAG_SBOM=$(echo "${{ matrix.target }}" | tr '/:' '-')
- IMAGE_NAME=$(echo "${{ matrix.target }}" | sed -E 's|.*/([^:/]+/[^:/]+).*|\1|')
- echo "PATCHED_TAG=${IMMUNIZED_TAG}" >> $GITHUB_ENV
- echo "PATCHED_TAG_SBOM=${PATCHED_TAG_SBOM}" >> $GITHUB_ENV
- echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
 - name: Copa Action
 # if: steps.vuln_count.outputs.vuln_count != '0'
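Review bot: The `Set Image Tag` step, as it now sits in the first hunk, expands `${{ matrix.target }}` directly inside the `run:` script three times, so the value is pasted into the shell source before bash parses it. A target containing a quote, a command substitution or a newline would therefore alter the script or write extra entries into the file behind `$GITHUB_ENV`. The matrix definition is outside this hunk, so whether the value is fixed in the workflow or derived from something a contributor controls cannot be confirmed from here. Passing it as data avoids the question: add `env:` with `TARGET: ${{ matrix.target }}` to the step, use `"$TARGET"` in the three `echo` pipelines, and quote the redirect as `>> "$GITHUB_ENV"`.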