-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathaction.yaml
74 lines (74 loc) · 2.76 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
name: "lw-scanner"
description: "Scan container images for vulnerabilities with Lacework's Inline Scanner"
author: "Lacework"
inputs:
LW_ACCOUNT_NAME:
description: "Your Lacework account name. For example, if your login URL is mycompany.lacework.net, the account name is mycompany."
required: true
LW_ACCESS_TOKEN:
description: "Authorization token. Copy and paste the token from the inline scanner integration created in the Lacework console."
required: true
IMAGE_NAME:
description: "Name of the container image you want to scan, for example, `node`."
required: true
IMAGE_TAG:
description: "Tag of the container image you want to scan, for example, `12.18.2-alpine`."
required: true
SCAN_LIBRARY_PACKAGES:
description: "Also scan software packages. (Default: true)"
required: false
default: "true"
SAVE_RESULTS_IN_LACEWORK:
description: "Save results to Lacework. (Default: false)"
required: false
default: "false"
SAVE_BUILD_REPORT:
description: "Saves the evaluation report as a local HTML file. (Default: false)"
required: false
default: "false"
BUILD_REPORT_FILE_NAME:
description: "Specify custom file name for the HTML evalutation report, by default the name is OS_TYPE-IMAGE_DIGEST_SHA256.html."
required: false
DEBUGGING:
description: "Enable debug logging for scanner"
required: false
default: "false"
PRETTY_OUTPUT:
description: "Renders table borders and adds color to Severity column in the output of the evaluation results. (Default: true)"
required: false
default: "true"
SIMPLE_OUTPUT:
description: "Displays evaluation results without Introduced in `Layer` and `File Path` columns. (Default: true)"
required: false
default: "true"
COLOR_OUTPUT:
description: "Colors are rendered in evaluation results when the `PRETTY_OUTPUT` option is enabled. (Default: true)"
required: false
default: "true"
ADDITIONAL_PARAMETERS:
description: "Additional parameters/flags. Only global and `image evalute` flags are supported."
required: false
RESULTS_IN_GITHUB_SUMMARY:
description: "Display results in github summary. (Default: true)"
required: false
default: "true"
runs:
using: "docker"
image: "Dockerfile"
args:
- ${{ inputs.LW_ACCOUNT_NAME }}
- ${{ inputs.LW_ACCESS_TOKEN }}
- ${{ inputs.IMAGE_NAME }}
- ${{ inputs.IMAGE_TAG }}
- ${{ inputs.SCAN_LIBRARY_PACKAGES }}
- ${{ inputs.SAVE_RESULTS_IN_LACEWORK }}
- ${{ inputs.SAVE_BUILD_REPORT }}
- ${{ inputs.BUILD_REPORT_FILE_NAME }}
- ${{ inputs.DEBUGGING }}
- ${{ inputs.PRETTY_OUTPUT }}
- ${{ inputs.SIMPLE_OUTPUT }}
- ${{ inputs.COLOR_OUTPUT }}
- ${{ inputs.ADDITIONAL_PARAMETERS }}
branding:
icon: "alert-triangle"
color: "blue"