1.0.50 Add container scanning for all containers
webpwnized committed Oct 16, 2023
1 parent 2dff7a1 commit 52bb401
Showing 1 changed file with 156 additions and 46 deletions.
202 changes: 156 additions & 46 deletions .github/workflows/build-and-push-to-dockerhub.yml
@@ -5,6 +5,7 @@ on:
branches:
- 'main'

# Variables used in this module
env:
DATABASE_CONTAINER_NAME: "database"
DATABASE_ADMIN_CONTAINER_NAME: "database_admin"
@@ -88,73 +89,182 @@ jobs:
push: true
tags: webpwnized/mutillidae:${{ env.DATABASE_CONTAINER_NAME }}-${{ env.VERSION }}

# ----------------------------------------------------------------------------
# Database Admin Container
# ----------------------------------------------------------------------------

-
name: Build and push database_admin container
uses: docker/build-push-action@v5
with:
context: .
file: ./database_admin/Dockerfile
push: true
tags: webpwnized/mutillidae:database_admin
-
name: Build and push database_admin container
name: Build and Export Database Admin Container to Docker
uses: docker/build-push-action@v5
with:
context: .
file: ./database_admin/Dockerfile
push: true
tags: webpwnized/mutillidae:database_admin-${{ env.VERSION }}
file: ./${{ env.DATABASE_ADMIN_CONTAINER_NAME }}/Dockerfile
load: true
tags: webpwnized/mutillidae:${{ env.DATABASE_ADMIN_CONTAINER_NAME }}

-
name: Build and push ldap container
uses: docker/build-push-action@v5
-
name: Run Trivy vulnerability scanner on Database Admin Container
uses: aquasecurity/trivy-action@master
with:
context: .
file: ./ldap/Dockerfile
push: true
tags: webpwnized/mutillidae:ldap
-
name: Build and push ldap container
uses: docker/build-push-action@v5
image-ref: 'webpwnized/mutillidae:${{ env.DATABASE_ADMIN_CONTAINER_NAME }}'
format: 'sarif'
output: '${{ env.DATABASE_ADMIN_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Upload Database Admin Container Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
context: .
file: ./ldap/Dockerfile
push: true
tags: webpwnized/mutillidae:ldap-${{ env.VERSION }}
sarif_file: '${{ env.DATABASE_ADMIN_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Build and push ldap_admin container
name: Build and push Database Admin Container
uses: docker/build-push-action@v5
with:
context: .
file: ./ldap_admin/Dockerfile
file: ./${{ env.DATABASE_ADMIN_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:ldap_admin
tags: webpwnized/mutillidae:${{ env.DATABASE_ADMIN_CONTAINER_NAME }}

-
name: Build and push ldap_admin container
name: Build and push Database Admin Container with version number
uses: docker/build-push-action@v5
with:
context: .
file: ./ldap_admin/Dockerfile
file: ./${{ env.DATABASE_ADMIN_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:ldap_admin-${{ env.VERSION }}
tags: webpwnized/mutillidae:${{ env.DATABASE_ADMIN_CONTAINER_NAME }}-${{ env.VERSION }}

# ----------------------------------------------------------------------------
# LDAP Container
# ----------------------------------------------------------------------------

-
name: Build and push www container
uses: docker/build-push-action@v5
with:
context: .
file: ./www/Dockerfile
push: true
tags: webpwnized/mutillidae:www
name: Build and Export LDAP Container to Docker
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_CONTAINER_NAME }}/Dockerfile
load: true
tags: webpwnized/mutillidae:${{ env.LDAP_CONTAINER_NAME }}

-
name: Run Trivy vulnerability scanner on LDAP Container
uses: aquasecurity/trivy-action@master
with:
image-ref: 'webpwnized/mutillidae:${{ env.LDAP_CONTAINER_NAME }}'
format: 'sarif'
output: '${{ env.LDAP_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Upload LDAP Container Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: '${{ env.LDAP_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Build and push www container
uses: docker/build-push-action@v5
with:
context: .
file: ./www/Dockerfile
push: true
tags: webpwnized/mutillidae:www-${{ env.VERSION }}
name: Build and push LDAP Container
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.LDAP_CONTAINER_NAME }}

-
name: Build and push LDAP Container with version number
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.LDAP_CONTAINER_NAME }}-${{ env.VERSION }}

# ----------------------------------------------------------------------------
# LDAP Admin Container
# ----------------------------------------------------------------------------

-
name: Build and Export LDAP Admin Container to Docker
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_ADMIN_CONTAINER_NAME }}/Dockerfile
load: true
tags: webpwnized/mutillidae:${{ env.LDAP_ADMIN_CONTAINER_NAME }}

-
name: Run Trivy vulnerability scanner on LDAP Admin Container
uses: aquasecurity/trivy-action@master
with:
image-ref: 'webpwnized/mutillidae:${{ env.LDAP_ADMIN_CONTAINER_NAME }}'
format: 'sarif'
output: '${{ env.LDAP_ADMIN_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Upload LDAP Admin Container Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: '${{ env.LDAP_ADMIN_CONTAINER_NAME }}-trivy-scan-results.sarif'

-
name: Build and push LDAP Admin Container
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_ADMIN_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.LDAP_ADMIN_CONTAINER_NAME }}

-
name: Build and push LDAP Admin Container with version number
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.LDAP_ADMIN_CONTAINER_NAME }}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.LDAP_ADMIN_CONTAINER_NAME }}-${{ env.VERSION }}

# ----------------------------------------------------------------------------
# Web Container
# ----------------------------------------------------------------------------

-
name: Build and Export Web Container to Docker
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.WEB_CONTAINER_NAME}}/Dockerfile
load: true
tags: webpwnized/mutillidae:${{ env.WEB_CONTAINER_NAME}}

-
name: Run Trivy vulnerability scanner on Web Container
uses: aquasecurity/trivy-action@master
with:
image-ref: 'webpwnized/mutillidae:${{ env.WEB_CONTAINER_NAME}}'
format: 'sarif'
output: '${{ env.WEB_CONTAINER_NAME}}-trivy-scan-results.sarif'

-
name: Upload Web Container Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: '${{ env.WEB_CONTAINER_NAME}}-trivy-scan-results.sarif'

-
name: Build and push Web Container
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.WEB_CONTAINER_NAME}}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.WEB_CONTAINER_NAME}}

-
name: Build and push Web Container with version number
uses: docker/build-push-action@v5
with:
context: .
file: ./${{ env.WEB_CONTAINER_NAME}}/Dockerfile
push: true
tags: webpwnized/mutillidae:${{ env.WEB_CONTAINER_NAME}}-${{ env.VERSION }}
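Review bot: The four added Trivy steps reference `aquasecurity/trivy-action@master`, a mutable branch, in the same job that runs the `push: true` steps, so any later change to that branch executes here unreviewed; pin it to a reviewed release or full commit SHA, e.g. `uses: aquasecurity/trivy-action@<PINNED_COMMIT_SHA>`. The `upload-sarif` steps also pass no `category`, and because they all run in one job with the same tool, later uploads will probably replace earlier ones in the Security tab; a distinct value per container, such as `category: '${{ env.LDAP_CONTAINER_NAME }}-trivy'`, keeps every container's findings. As written the scans are report-only (no `exit-code` or `severity` input), so the push steps run whatever Trivy finds, which is acceptable if intended but worth a comment saying so. The job's earlier steps and any `permissions` block are outside the visible hunks, so confirm `security-events: write` is granted there.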
