Mercurial > p > roundup > code

comparison .github/workflows/anchore.yml @ 7236:821429f560cd

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bump actions/checkout from 3.4.0 to 3.5.0 - https://github.com/roundup-tracker/roundup/pull/13
author John Rouillard <rouilj@ieee.org>
date Sun, 26 Mar 2023 22:20:21 -0400
parents 743f02e916a7
children 4c1d62dbcffe
comparison
equal deleted inserted replaced
7235:743f02e916a7 7236:821429f560cd
35 security-events: write # for github/codeql-action/upload-sarif to upload SARIF results 35 security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
36 actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status 36 actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
37 runs-on: ubuntu-latest 37 runs-on: ubuntu-latest
38 steps: 38 steps:
39 - name: Checkout the code 39 - name: Checkout the code
40 uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f 40 uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
41 # v3.4.0 41 # v3.5.0
42 - name: Build the Docker image 42 - name: Build the Docker image
43 run: docker pull python:3-alpine; docker build . --file scripts/Docker/Dockerfile --tag localbuild/testimage:latest 43 run: docker pull python:3-alpine; docker build . --file scripts/Docker/Dockerfile --tag localbuild/testimage:latest
44 - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled 44 - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
45 uses: anchore/scan-action@dafbc97d7259af88b61bd260f2fde565d0668a72 # v3.3.4 45 uses: anchore/scan-action@dafbc97d7259af88b61bd260f2fde565d0668a72 # v3.3.4
46 id: scan 46 id: scan
Roundup Issue Tracker: http://roundup-tracker.org/