Update Dockerfile #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Prisma Cloud Compute Image Scan | |
| on: [push, pull_request] | |
| env: | |
| IMAGE_NAME: ${{ github.repository }}:${{ github.sha }} | |
| jobs: | |
| # Jobs are ran independently from each other, so build and scan needs to be in a single job. | |
| build-and-scan: | |
| name: Build and scan image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out the repository | |
| uses: actions/checkout@v2 | |
| # Defaults are sufficient generally | |
| # https://github.com/actions/checkout#usage | |
| - name: Download twistcli from the Prisma Cloud Compute Console | |
| run: | | |
| curl --user ${{ secrets.PC_USER }}:${{ secrets.PC_PASS }} --output ./twistcli ${{ secrets.PC_CONSOLE }}/api/v1/util/twistcli | |
| chmod a+x ./twistcli | |
| - name: Update Dockerfile | |
| run: | | |
| ./twistcli app-embedded embed \ | |
| --app-id $IMAGE_NAME \ | |
| --user ${{ secrets.PC_USER }} \ | |
| --password ${{ secrets.PC_PASS }} \ | |
| --address ${{ secrets.PC_CONSOLE }} \ | |
| --data-folder /twistlock \ | |
| Dockerfile | |
| #- name: Build the image | |
| # run: docker build -t $IMAGE_NAME . | |
| #- name: Scan the image | |
| # run: ./twistcli images scan --address ${{ secrets.PC_CONSOLE }} --user ${{ secrets.PC_USER }} --password ${{ secrets.PC_PASS }} --details $IMAGE_NAME |