2024-08-14 20:18:49 +00:00
|
|
|
name: "Wait for ECR Scan and Get SARIF"
|
|
|
|
|
description: "Waits for an AWS ECR scan to complete and retrieves the SARIF report."
|
|
|
|
|
author: "Kevin <kburnett@discoveryedu.com>"
|
|
|
|
|
|
|
|
|
|
inputs:
|
|
|
|
|
repository_name:
|
|
|
|
|
description: "The name of the ECR repository."
|
|
|
|
|
required: true
|
|
|
|
|
image_tag:
|
|
|
|
|
description: "The tag of the image to scan."
|
|
|
|
|
required: true
|
|
|
|
|
aws_region:
|
|
|
|
|
description: "The AWS region where the ECR repository is located."
|
|
|
|
|
required: true
|
|
|
|
|
output_file:
|
|
|
|
|
description: "The path to save the SARIF report."
|
|
|
|
|
required: true
|
|
|
|
|
default: "report.sarif"
|
|
|
|
|
|
2024-08-14 20:39:05 +00:00
|
|
|
runs:
|
|
|
|
|
using: "composite"
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out the repository
|
|
|
|
|
uses: actions/checkout@v2
|
|
|
|
|
|
|
|
|
|
- name: Set up Python 3.12
|
|
|
|
|
uses: actions/setup-python@v5.1.1
|
|
|
|
|
with:
|
|
|
|
|
python-version: 3.12
|
|
|
|
|
|
|
|
|
|
- name: Install dependencies
|
2024-08-14 20:44:51 +00:00
|
|
|
shell: bash
|
2024-08-14 20:39:05 +00:00
|
|
|
run: |
|
2024-08-14 20:48:40 +00:00
|
|
|
pip install -r wait-for-ecr-scan-and-get-sarif/requirements.txt
|
2024-08-14 20:39:05 +00:00
|
|
|
|
|
|
|
|
- name: Run the Python script to wait for ECR scan and get SARIF
|
2024-08-14 20:44:51 +00:00
|
|
|
shell: bash
|
2024-08-14 20:39:05 +00:00
|
|
|
run: |
|
2024-08-15 22:30:46 +00:00
|
|
|
python wait-for-ecr-scan-and-get-sarif/wait_for_ecr_scan_and_get_sarif.py \
|
2024-08-14 20:39:05 +00:00
|
|
|
--repository_name ${{ inputs.repository_name }} \
|
|
|
|
|
--image_tag ${{ inputs.image_tag }} \
|
|
|
|
|
--aws_region ${{ inputs.aws_region }} \
|
|
|
|
|
--output_file ${{ inputs.output_file }}
|
|
|
|
|
id: run_script
|
