lacework #37

Summary
Jobs
- scan
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/lacework.yml at 363b47c

	name: lacework

	on:
	push:
	tags:
	- '*'

	jobs:
	scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v2
	- uses: coursier/cache-action@v3
	- name: Set up JDK
	uses: actions/setup-java@v1
	with:
	java-version: 11
	- name: Get current version
	id: ver
	run: echo "::set-output name=tag::${GITHUB_REF#refs/tags/}"

	- name: Install lacework scanner
	run: \|
	sudo apt-get update
	sudo apt-get -y install curl
	curl -L https://github.com/lacework/lacework-vulnerability-scanner/releases/latest/download/lw-scanner-linux-amd64 -o lw-scanner
	chmod +x lw-scanner

	- name: Build docker images
	run: sbt docker:publishLocal

	- name: Scan snowplow-s3-loader focal
	env:
	LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
	LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
	LW_SCANNER_SAVE_RESULTS: ${{ !contains(steps.version.outputs.tag, 'rc') }}
	run: ./lw-scanner image evaluate snowplow/snowplow-s3-loader ${{ steps.ver.outputs.tag }} --build-id ${{ github.run_id }} --no-pull

	- name: Scan snowplow-s3-loader distroless
	env:
	LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
	LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
	LW_SCANNER_SAVE_RESULTS: ${{ !contains(steps.version.outputs.tag, 'rc') }}
	run: ./lw-scanner image evaluate snowplow/snowplow-s3-loader ${{ steps.ver.outputs.tag }}-distroless --build-id ${{ github.run_id }} --no-pull

	- name: Scan snowplow-s3-loader lzo
	env:
	LW_ACCESS_TOKEN: ${{ secrets.LW_ACCESS_TOKEN }}
	LW_ACCOUNT_NAME: ${{ secrets.LW_ACCOUNT_NAME }}
	LW_SCANNER_SAVE_RESULTS: ${{ !contains(steps.version.outputs.tag, 'rc') }}
	run: ./lw-scanner image evaluate snowplow/snowplow-s3-loader ${{ steps.ver.outputs.tag }}-lzo --build-id ${{ github.run_id }} --no-pull

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

lacework #37

Workflow file

lacework #37

Jobs

Run details

Workflow file for this run