Skip to content

support for complianceThreshold #66

support for complianceThreshold

support for complianceThreshold #66

name: Kubescape scanning for image vulnerabilities
on: [push, pull_request]
jobs:
kubescape-scan-image:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- uses: kubescape/github-action@main
continue-on-error: true
with:
image: quay.io/kubescape/kubescape
format: sarif
outputFile: results.sarif
# severityThreshold: "critical"
# # Username for a private registry with the image
# # Username for the image registry account you use to retrieve and scan images
# registryUsername: ${{secrets.SCANNER_REGISTRY_USERNAME}}
# # Password for a private registry with the image
# registryPassword: ${{secrets.REGISTRY_PASSWORD}}
# # Fail at or above the specified vulnerability severity threshold
# Kubescape cloud account ID
# account: ${{secrets.KUBESCAPE_ACCOUNT}}
- name: Upload Kubescape scan results to Github Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif