Mercurial > p > roundup > code
comparison .github/workflows/anchore.yml @ 7146:572d1a9f875c
Try to force update of base image.
The current python:3-alpine image passes security checks, but it's
not passing in ci.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 15 Feb 2023 18:36:00 -0500 |
| parents | 86dae713d4c6 |
| children | 7f4d20ebae4a |
comparison
equal
deleted
inserted
replaced
| 7145:f72a16661ac6 | 7146:572d1a9f875c |
|---|---|
| 35 actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status | 35 actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status |
| 36 runs-on: ubuntu-latest | 36 runs-on: ubuntu-latest |
| 37 steps: | 37 steps: |
| 38 - name: Checkout the code | 38 - name: Checkout the code |
| 39 uses: actions/checkout@v3 | 39 uses: actions/checkout@v3 |
| 40 - name: Update base image | |
| 41 run: docker pull python:3-alpine | |
| 40 - name: Build the Docker image | 42 - name: Build the Docker image |
| 41 run: docker build . --file scripts/Docker/Dockerfile --tag localbuild/testimage:latest | 43 run: docker build . --file scripts/Docker/Dockerfile --tag localbuild/testimage:latest |
| 42 - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled | 44 - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled |
| 43 uses: anchore/scan-action@v3 | 45 uses: anchore/scan-action@v3 |
| 44 id: scan | 46 id: scan |