

WIP: Scan ARM images
apyrgio committed Mar 10, 2025
1 parent 53a9522 commit 934e2ff
Showing 2 changed files with 24 additions and 9 deletions.
18 changes: 14 additions & 4 deletions .github/workflows/scan.yml
@@ -1,16 +1,21 @@
name: Scan latest app and container
on:
push:
branches:
- main
#branches:
# - main
pull_request:
schedule:
- cron: '0 0 * * *' # Run every day at 00:00 UTC.
workflow_dispatch:

jobs:
security-scan-container:
runs-on: ubuntu-latest
strategy:
matrix:
runs-on:
- ubuntu-24.04
- ubuntu-24.04-arm
runs-on: ${{ matrix.runs-on }}
steps:
- name: Checkout
uses: actions/checkout@v4
@@ -58,7 +63,12 @@ jobs:
severity-cutoff: critical

security-scan-app:
runs-on: ubuntu-latest
strategy:
matrix:
runs-on:
- ubuntu-24.04
- ubuntu-24.04-arm
runs-on: ${{ matrix.runs-on }}
steps:
- name: Checkout
uses: actions/checkout@v4
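Review bot: Neither new `strategy:` block (in `security-scan-container` and in `security-scan-app`) sets `fail-fast`, and GitHub Actions defaults it to true, so the first matrix job that fails cancels the one still running. If the scan steps fail the job on a finding at `severity-cutoff: critical` (the step configuration is collapsed on this page, so this is inferred), a critical result on `ubuntu-24.04` would cancel the `ubuntu-24.04-arm` run before it reports, and the reverse. I would add `fail-fast: false` under each `strategy:` so every architecture always finishes its scan; the same applies to both matrices in `.github/workflows/scan_released.yml`. It is also worth checking that any report or artifact upload in the collapsed steps uses a name that includes `${{ matrix.runs-on }}`, so the two runs do not overwrite each other.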
15 changes: 10 additions & 5 deletions .github/workflows/scan_released.yml
@@ -3,17 +3,17 @@ on:
schedule:
- cron: '0 0 * * *' # Run every day at 00:00 UTC.
workflow_dispatch:
push:

jobs:
security-scan-container:
strategy:
matrix:
include:
- runs-on: ubuntu-latest
- runs-on: ubuntu-24.04
arch: i686
# Do not scan Silicon mac for now to avoid masking release scan results for other plaforms.
# - runs-on: macos-latest
# arch: arm64
- runs-on: ubuntu-24.04-arm
arch: arm64
runs-on: ${{ matrix.runs-on }}
steps:
- name: Checkout
@@ -55,7 +55,12 @@ jobs:
severity-cutoff: critical

security-scan-app:
runs-on: ubuntu-latest
strategy:
matrix:
runs-on:
- ubuntu-24.04
- ubuntu-24.04-arm
runs-on: ${{ matrix.runs-on }}
steps:
- name: Checkout
uses: actions/checkout@v4
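Review bot: The bare `push:` trigger under `on:` has no branch filter, so this released-version scan would run on every push to every branch, on top of the daily schedule; it looks like a debugging aid for this WIP commit. The same goes for `.github/workflows/scan.yml`, where the `branches: - main` filter is commented out. Before merging I would drop `push:` here and restore the filter there, or leave a comment such as `# TEMP: run on every push while testing ARM runners; remove before merge` so it does not ship by accident. The container matrix carries an `arch` value per runner, but the `security-scan-app` matrix only has `runs-on`; if the collapsed steps pick the artifact to scan by architecture, that job needs the `include:` form with `arch` too, otherwise the ARM runner may scan the same build as the x86 one.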
