Skip to content

Commit

Permalink
fix: login to container registry before scan to support private repos
Browse files Browse the repository at this point in the history
  • Loading branch information
c0rydoras committed May 4, 2024
1 parent d6370fe commit af2de92
Showing 1 changed file with 14 additions and 7 deletions.
21 changes: 14 additions & 7 deletions action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,20 @@ branding:
runs:
using: composite
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.registry }}
username: ${{ github.actor }}
password: ${{ inputs.token }}

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.registry }}
username: ${{ github.actor }}
password: ${{ inputs.token }}

- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
Expand Down Expand Up @@ -63,13 +77,6 @@ runs:
if: ${{ inputs.attest }}
uses: sigstore/[email protected]

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.registry }}
username: ${{ github.actor }}
password: ${{ inputs.token }}

- name: Convert trivy results to cosign-vuln
if: ${{ inputs.attest && !inputs.digest }}
uses: aquasecurity/[email protected]
Expand Down

0 comments on commit af2de92

Please sign in to comment.