feat(): execute Docker Scout against tags yielded by metadata step

e7d · Apr 5, 2024 · 9bceca5 · 9bceca5
1 parent 78860f1
commit 9bceca5
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -55,7 +55,7 @@ jobs:
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
             type=edge,branch=$repo.default_branch
-            type=sha,prefix=,suffix=,format=short
+            type=ref,event=pr
       - name: Build and push Docker image
         uses: docker/build-push-action@v5
         with:
@@ -72,7 +72,7 @@ jobs:
         uses: docker/scout-action@v1
         with:
           command: cves,recommendations,compare
-          image: ${{ vars.DOCKERHUB_IMAGE }}:${{ env.SHA }}
+          image: ${{ steps.meta.outputs.tags }}
           to: ${{ vars.DOCKERHUB_IMAGE }}:latest
           ignore-base: true
           ignore-unchanged: true