github-actions-library/wait-for-ecr-scan-and-get-s.../README.md

# Wait for ECR Scan and get Sarif GitHub Action

### Easily upload coverage reports to Codecov from GitHub Actions

## Usage

To integrate with your Actions pipeline, specify the name of this repository with a branch or tag number (`main` is recommended) as a `step` within your `workflow.yml` file.

Inside your `.github/workflows/workflow.yml` file:

```yaml
steps:
  - uses: discoveryedu/github-actions-library/wait-for-ecr-scan-and-get-sarif@main
    with:
      repository_name: "docker/repo"
      image_tag: "main"
      aws_region: "us-east-2"
      output_file: "report.sarif"
```

After you run this shared workflow you might want to upload the results to github.
That looks like this:

```yaml
steps:
  - name: Upload SARIF file
    uses: github/codeql-action/upload-sarif@v3
    with:
      sarif_file: report.sarif
      category: security
```

## Arguments

This Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:

| Input             | Description                                                                                            |  Required  |
| :---------------- | :----------------------------------------------------------------------------------------------------- | :--------: |
| `repository_name` | ECR repository name                                                                                    | \*Required |
| `image_tag`       | Docker image tag                                                                                       | \*Required |
| `aws_region`      | Region, like us-east-1                                                                                 | \*Required |
| `output_file`     | File location to place the Sarif output file. It is json, but it sometimes uses the `.sarif` extension | \*Required |

### Example full `workflow.yml` using this Action

```yaml
name: "Build container image"
on:
  push:
    branches:
      - main
  workflow_dispatch:
jobs:
  ecr-scan:
    runs-on: ubuntu-latest

    steps:
      # [Probably build and push image to ECR here]

      - name: Run ECR Scan and Get SARIF Report
        uses: sartography/github-actions-library/wait-for-ecr-scan-and-get-sarif@main
        with:
          repository_name: "infr/testcloud2202"
          image_tag: "main"
          aws_region: "us-east-2"
          output_file: "report.sarif"

      - name: Upload SARIF report as artifact
        uses: actions/upload-artifact@v3
        with:
          name: sarif-report
          path: report.sarif

      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: report.sarif
          category: security
```
added REAMDE for ecr sarif action w/ burnettk 2024-08-16 16:39:05 +00:00			`# Wait for ECR Scan and get Sarif GitHub Action`

			`### Easily upload coverage reports to Codecov from GitHub Actions`

			`## Usage`

			To integrate with your Actions pipeline, specify the name of this repository with a branch or tag number (`main` is recommended) as a `step` within your `workflow.yml` file.

			Inside your `.github/workflows/workflow.yml` file:

			```yaml
			`steps:`
			`- uses: discoveryedu/github-actions-library/wait-for-ecr-scan-and-get-sarif@main`
			`with:`
			`repository_name: "docker/repo"`
			`image_tag: "main"`
			`aws_region: "us-east-2"`
			`output_file: "report.sarif"`
			```

			`After you run this shared workflow you might want to upload the results to github.`
			`That looks like this:`

			```yaml
			`steps:`
			`- name: Upload SARIF file`
			`uses: github/codeql-action/upload-sarif@v3`
			`with:`
			`sarif_file: report.sarif`
			`category: security`
			```

			`## Arguments`

			`This Action supports inputs from the user. These inputs, along with their descriptions and usage contexts, are listed in the table below:`

			`\| Input \| Description \| Required \|`
			`\| :---------------- \| :----------------------------------------------------------------------------------------------------- \| :--------: \|`
			\| `repository_name` \| ECR repository name \| \*Required \|
			\| `image_tag` \| Docker image tag \| \*Required \|
			\| `aws_region` \| Region, like us-east-1 \| \*Required \|
			\| `output_file` \| File location to place the Sarif output file. It is json, but it sometimes uses the `.sarif` extension \| \*Required \|

			### Example full `workflow.yml` using this Action

			```yaml
			`name: "Build container image"`
			`on:`
			`push:`
			`branches:`
			`- main`
			`workflow_dispatch:`
			`jobs:`
			`ecr-scan:`
			`runs-on: ubuntu-latest`

			`steps:`
			`# [Probably build and push image to ECR here]`

			`- name: Run ECR Scan and Get SARIF Report`
			`uses: sartography/github-actions-library/wait-for-ecr-scan-and-get-sarif@main`
			`with:`
			`repository_name: "infr/testcloud2202"`
			`image_tag: "main"`
			`aws_region: "us-east-2"`
			`output_file: "report.sarif"`

			`- name: Upload SARIF report as artifact`
			`uses: actions/upload-artifact@v3`
			`with:`
			`name: sarif-report`
			`path: report.sarif`

			`- name: Upload SARIF file`
			`uses: github/codeql-action/upload-sarif@v3`
			`with:`
			`sarif_file: report.sarif`
			`category: security`
			```