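# Daily vulnerability scan of the published lfeoperatorfabric SNAPSHOT images.
# Each image is analysed with anchore/scan-action and the resulting SARIF report
# is uploaded to GitHub code scanning under its own category, so the findings of
# one service do not overwrite those of another.
name: Anchore Container Scan

on:
  schedule:
    # Run the analysis every day at 01:00 UTC on develop; it must be scheduled
    # after the snapshot build.
    - cron: '0 1 * * *'
  workflow_dispatch:

# Workflow-wide default for the GITHUB_TOKEN: read-only repository access.
permissions:
  contents: read

jobs:
  Anchore-Build-Scan:
    permissions:
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
    runs-on: ubuntu-latest
    # NOTE(review): the steps run sequentially with default failure handling, so
    # an error in one scan or upload step skips every service listed after it.
    steps:
      - name: Checkout the code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
        with:
          # No later step runs an authenticated git command, so do not leave the
          # job token in the local git configuration.
          persist-credentials: false

      # SNAPSHOT is referenced by tag, not by digest; the "Digest:" line that
      # docker pull prints in the job log identifies what was actually scanned.
      - name: Pull docker images
        run: |
          docker pull lfeoperatorfabric/of-cards-consultation-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-cards-publication-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-users-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-businessconfig-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-external-devices-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-cards-external-diffusion-service:SNAPSHOT
          docker pull lfeoperatorfabric/of-cards-reminder:SNAPSHOT
          docker pull lfeoperatorfabric/of-supervisor:SNAPSHOT
          docker pull lfeoperatorfabric/of-web-ui:SNAPSHOT

      # The same two-step pattern is repeated for every image below:
      #   1. scan with fail-build: false, so findings are reported without
      #      failing the job;
      #   2. upload the SARIF file produced by that scan step under a category
      #      unique to the service.
      - name: Analyse card consultation
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-cards-consultation
        with:
          image: "lfeoperatorfabric/of-cards-consultation-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for cards-consultation
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-cards-consultation.outputs.sarif }}
          category: consultation

      - name: Analyse card publication
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-cards-publication
        with:
          image: "lfeoperatorfabric/of-cards-publication-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for cards-publication
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-cards-publication.outputs.sarif }}
          category: publication

      - name: Analyse users
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-users
        with:
          image: "lfeoperatorfabric/of-users-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for users
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-users.outputs.sarif }}
          category: users

      - name: Analyse businessConfig
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-businessconfig
        with:
          image: "lfeoperatorfabric/of-businessconfig-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for businessConfig
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-businessconfig.outputs.sarif }}
          category: businessconfig

      - name: Analyse external-devices
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-external-devices
        with:
          image: "lfeoperatorfabric/of-external-devices-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for external devices
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-external-devices.outputs.sarif }}
          category: external-devices

      - name: Analyse web-ui
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-web-ui
        with:
          image: "lfeoperatorfabric/of-web-ui:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for web-ui
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-web-ui.outputs.sarif }}
          category: web-ui

      - name: Analyse external-diffusion
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-cards-external-diffusion
        with:
          image: "lfeoperatorfabric/of-cards-external-diffusion-service:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for external-diffusion
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-cards-external-diffusion.outputs.sarif }}
          category: external-diffusion

      - name: Analyse cards reminder
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-cards-reminder
        with:
          image: "lfeoperatorfabric/of-cards-reminder:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for cards-reminder
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-cards-reminder.outputs.sarif }}
          category: cards-reminder

      - name: Analyse supervisor
        uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32  # v6.1.0
        id: scan-supervisor
        with:
          image: "lfeoperatorfabric/of-supervisor:SNAPSHOT"
          fail-build: false
      - name: Upload Anchore Scan Report for supervisor
        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d  # v3.28.10
        with:
          sarif_file: ${{ steps.scan-supervisor.outputs.sarif }}
          category: supervisor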