Skip to content
/ parse-docker-scout-output Public

A GitHub Action designed to parse the output from Docker Scout.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rennf93/parse-docker-scout-output

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
entrypoint.sh
entrypoint.sh
 
 
requirements.pip
requirements.pip
 
 
run.py
run.py
 
 
test_run.py
test_run.py
 
 

Repository files navigation

parse-docker-scout-output

parse-docker-scout-output is a GitHub Action designed to parse the output from Docker Scout. It processes Docker Scout's recommendations, CVEs, and SBOM outputs, and uploads the results as PDF to your GitHub repository. This action is ideal for enhancing the visibility of Docker image security within your projects.

Features

  • Parses Docker Scout recommendations, CVEs, and SBOM outputs
  • Uploads the results as PDF to your GitHub repository
  • Sets environment variables with the URLs of these images

Outputs

This action does not produce direct outputs but uploads PDFs to the repository and sets environment variables with the URLs of these PDFs.

Usage

To use this action in your workflow, add the following step:

- name: Parse Docker Scout Output
  uses: rennf93/parse-docker-scout-output@v1
  with:
    PAT: ${{ secrets.PAT }}
    TARGET_REPO: ${{ secrets.TARGET_REPO }}
    TARGET_BRANCH: ${{ secrets.TARGET_BRANCH }}
    TARGET_FOLDER: ${{ secrets.TARGET_FOLDER }}
    RECOMMENDATIONS: ${{ steps.docker-scout.outputs.recommendations }}
    CVES_OUTPUT: ${{ steps.docker-scout.outputs.cves }}
    SBOM_OUTPUT: ${{ steps.docker-scout.outputs.sbom }}
    IMAGE_DETAILS: ${{ steps.docker-scout.outputs.image_details }}

Inputs

Input Name Description Required
TARGET_REPO Target GitHub Repo to upload images to true
TARGET_BRANCH Target Repo's Branch to upload images to true
TARGET_FOLDER Folder in the repository to upload images to true
RECOMMENDATIONS Docker Scout recommendations HTML output true
CVES_OUTPUT Docker Scout CVEs HTML output false
SBOM_OUTPUT Docker Scout SBOM HTML output false
IMAGE_DETAILS Docker image details JSON false
PAT GitHub Personal Access Token for authentication true

Example Workflow

Here is an example of how to integrate this action into a GitHub workflow:

name: Example Workflow

on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      - name: Docker Scout Analysis
        id: docker-scout
        uses: docker/[email protected]
        with:
          command: cves,recommendations,compare,sbom
          image: <image-name>:<image-tag>

      - name: Parse Docker Scout Output
        uses: rennf93/[email protected]
        with:
          PAT: ${{ secrets.PAT }}
          TARGET_REPO: ${{ secrets.TARGET_REPO }}
          TARGET_BRANCH: ${{ secrets.TARGET_BRANCH }}
          TARGET_FOLDER: ${{ secrets.TARGET_FOLDER }}
          RECOMMENDATIONS: ${{ steps.docker-scout.outputs.recommendations }}
          CVES_OUTPUT: ${{ steps.docker-scout.outputs.cves }}
          SBOM_OUTPUT: ${{ steps.docker-scout.outputs.sbom }}
          IMAGE_DETAILS: ${{ steps.docker-scout.outputs.image_details }}

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

A GitHub Action designed to parse the output from Docker Scout.

Topics

monitoring reporting

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 10

v1.9 Latest
Jul 7, 2024
+ 9 releases

Packages

 
 
 

Languages