updated tests for new short description w/ burnettk #50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "ECR Scan and Retrieve SARIF Report" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| ecr-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| # - name: Run ECR Scan and Get SARIF Report | |
| # uses: sartography/github-actions-library/wait-for-ecr-scan-and-get-sarif@main | |
| # with: | |
| # repository_name: "infr/testcloud2202" | |
| # image_tag: "main" | |
| # aws_region: "us-east-2" | |
| # output_file: "report.sarif" | |
| - name: Set up Python 3.12 | |
| uses: actions/[email protected] | |
| with: | |
| python-version: 3.12 | |
| - name: Install dependencies | |
| shell: bash | |
| run: | | |
| pip install -r wait-for-ecr-scan-and-get-sarif/requirements.txt | |
| - name: Run the Python script to convert ECR scan to SARIF | |
| shell: bash | |
| run: | | |
| python wait-for-ecr-scan-and-get-sarif/pylib/aws_scan_findings_to_sarif.py \ | |
| --input_file wait-for-ecr-scan-and-get-sarif/tests/ecr-scan-result-ubuntu.json \ | |
| --output_file report.sarif | |
| - name: Upload SARIF report as artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: sarif-report | |
| path: report.sarif | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: report.sarif | |
| category: security |