diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 9cc50ba..0000000 --- a/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM alpine:3.13.6 - -RUN apk add --no-cache curl - -COPY entrypoint.sh /entrypoint.sh - -ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/action.yml b/action.yml index 5e752e0..d4c9ff7 100644 --- a/action.yml +++ b/action.yml @@ -19,10 +19,21 @@ inputs: outputs: sarif-report-path: description: 'Path to the SARIF report generated. Relative to the GitHub workspace' + value: ${{ steps.scan-to-sarif.outputs.sarif-report-path }} runs: - using: 'docker' - image: 'Dockerfile' - args: - - ${{ inputs.converter-version }} - - ${{ inputs.input-file }} - - ${{ inputs.output-file }} + using: "composite" + steps: + - id: container-scan-to-sarif-downloader + run: | + mkdir -p ~/.local/bin + curl -L "https://github.com/rm3l/container-scan-to-sarif/releases/download/${{ inputs.converter-version }}/container-scan-to-sarif_${{ inputs.converter-version }}_Linux_x86_64.tar.gz" \ + | tar zx -C ~/.local/bin + chmod +x ~/.local/bin/container-scan-to-sarif + shell: bash + - id: scan-to-sarif + run: | + ~/.local/bin/container-scan-to-sarif \ + -input "${{ inputs.input-file }}" \ + -output "${{ inputs.output-file }}" + echo "::set-output name=sarif-report-path::${{ inputs.output-file }}" + shell: bash diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100755 index b8216a9..0000000 --- a/entrypoint.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -l - -CONTAINER_SCAN_TO_SARIF_VERSION="$1" -echo "Installing container-scan-to-sarif (version $CONTAINER_SCAN_TO_SARIF_VERSION)..." -curl -L "https://github.com/rm3l/container-scan-to-sarif/releases/download/${CONTAINER_SCAN_TO_SARIF_VERSION}/container-scan-to-sarif_${CONTAINER_SCAN_TO_SARIF_VERSION}_Linux_x86_64.tar.gz" \ - | tar zx -C /usr/local/bin/ || exit 1 -chmod +x /usr/local/bin/container-scan-to-sarif - -INPUT="$2" -echo "Now running container-scan-to-sarif against file $INPUT..." -OUTPUT_FILE="$2" -/usr/local/bin/container-scan-to-sarif -input "$INPUT" -output "$OUTPUT_FILE" || exit 1 -echo "::set-output name=sarif-report-path::$OUTPUT_FILE"