Docker image vulnerability scan with grype (#441)

* vulnerability scan (#381)
0xERR0R · Feb 22, 2022 · df9866f · df9866f
1 parent 6270b6b
commit df9866f
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/.github/workflows/development-docker.yml b/.github/workflows/development-docker.yml
@@ -42,3  42,14 @@ jobs:
           tags: |
             ghcr.io/0xerr0r/blocky:${{ steps.extract_branch.outputs.branch }}
             spx01/blocky:${{ steps.extract_branch.outputs.branch }}
       - name: Scan image
         uses: anchore/scan-action@v3
         id: scan
         with:
           image: "spx01/blocky:${{ steps.extract_branch.outputs.branch }}"
           fail-build: false
           acs-report-enable: true
       - name: upload Anchore scan SARIF report
         uses: github/codeql-action/upload-sarif@v1
         with:
           sarif_file: ${{ steps.scan.outputs.sarif }}