45 lines
1.3 KiB
YAML
45 lines
1.3 KiB
YAML
name: "Wait for ECR Scan and Get SARIF"
|
|
description: "Waits for an AWS ECR scan to complete and retrieves the SARIF report."
|
|
author: "Kevin <kburnett@discoveryedu.com>"
|
|
|
|
inputs:
|
|
repository_name:
|
|
description: "The name of the ECR repository."
|
|
required: true
|
|
image_tag:
|
|
description: "The tag of the image to scan."
|
|
required: true
|
|
aws_region:
|
|
description: "The AWS region where the ECR repository is located."
|
|
required: true
|
|
output_file:
|
|
description: "The path to save the SARIF report."
|
|
required: true
|
|
default: "report.sarif"
|
|
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: Check out the repository
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Set up Python 3.12
|
|
uses: actions/setup-python@v5.1.1
|
|
with:
|
|
python-version: 3.12
|
|
|
|
- name: Install dependencies
|
|
shell: bash
|
|
run: |
|
|
pip install -r ${{ github.action_path }}/requirements.txt
|
|
|
|
- name: Run the Python script to wait for ECR scan and get SARIF
|
|
shell: bash
|
|
run: |
|
|
python ${{ github.action_path }}/wait_for_ecr_scan_and_get_sarif.py \
|
|
--repository_name ${{ inputs.repository_name }} \
|
|
--image_tag ${{ inputs.image_tag }} \
|
|
--aws_region ${{ inputs.aws_region }} \
|
|
--output_file ${{ inputs.output_file }}
|
|
id: run_script
|