scan.yml action to use the main action

chainguard-dev / rumble

Data collection for base image CVEs etc.

Apache License 2.0

4 stars 8 forks source link

Open jdolitsky opened 1 year ago

jdolitsky commented 1 year ago

scan.yml is currently not using the github action provided by this repo.

modify the action to allow BigQuery writes and disable attestation

jdolitsky commented 1 year ago

Example (trivy):

    - uses: chainguard-dev/rumble@main
      with:
        image: "${{ matrix.apkoBaseTag }}:${{ matrix.apkoTargetTag }}"
        scanner: trivy