-
Notifications
You must be signed in to change notification settings - Fork 1
29 lines (27 loc) · 1011 Bytes
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
on: [push]
jobs:
hello_world_job:
runs-on: ubuntu-latest
name: GitHub Action for LW Scanner
steps:
- name: Pull Log4J Vul Container
shell: bash
run: |
docker pull uzyexe/pacman
- name: Scan container images for vulnerabitilies using Lacework
# uses: timarenz/lw-scanner-action@main
uses: lacework/[email protected]
continue-on-error: false
with:
LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
# SAVE_BUILD_REPORT: true
SAVE_RESULTS_IN_LACEWORK: true
image_name: uzyexe/pacman
image_tag: latest
BUILD_REPORT_FILE_NAME: report.html
## FAIL_BUILD: true
# SEVERITY_THRESHOLD: fixable
# - name: Check if vulnerabilites were found and step failed.
# if: steps.lw-scanner.outcome == 'failure'
# run: echo "Vulnerabilities found and step failed succesfully." && exit 0