add docker/scout-action #18

jakoch · 2025-02-09T15:32:53Z

add docker/scout-action
- compare? the local image is build and loaded and compared against the one pushed to the registry?
upload sarif?

- name: Docker Scout
  id: docker-scout
  uses: docker/scout-action@v1 # https://github.com/docker/scout-action
  with:
    command: cves,recommendations,compare
    to-latest: false
    to: ${{ IMAGE }}:${{ COMPARE_TAG }}
    image: ${{ IMAGE }}:${{ IMAGE_TAG }}
    ignore-base: true
    ignore-unchanged: true
    only-fixed: ${{ ONLY-FIXED }}

    do we need to write comment, this requires token?
    write-comment: ${{ WRITE-COMMENT }}
    github-token: ${{ secrets.TOKEN }}

    do we need to upload sarif???
    sarif-file: sarif.output.json
    summary: true

- name: Upload Scan Report as Artifact
  uses: actions/upload-artifact@v4
  with:
    name: vulnerability-scan-report
    path: sarif.output.json

The text was updated successfully, but these errors were encountered:

jakoch · 2025-02-16T16:47:09Z

Error: could not authenticate: user githubactions not entitled to use Docker Scout

this might need an additional auth to the docker-hub and not just the github token
see docker/scout-action#8

disabled for now

jakoch added a commit that referenced this issue Feb 9, 2025

add docker/scout-action (issue #18)

0ca74d3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

add docker/scout-action #18

add docker/scout-action #18

jakoch commented Feb 9, 2025 •

edited

Loading

jakoch commented Feb 16, 2025 •

edited

Loading

add docker/scout-action #18

add docker/scout-action #18

Comments

jakoch commented Feb 9, 2025 • edited Loading

jakoch commented Feb 16, 2025 • edited Loading

jakoch commented Feb 9, 2025 •

edited

Loading

jakoch commented Feb 16, 2025 •

edited

Loading