srcmesh-workshop · Jerry0807 · Jul 5, 2024 · Jul 5, 2024 · Jul 5, 2024 · Jul 5, 2024
diff --git a/.cache/ans/single/compose.yaml b/.cache/ans/single/compose.yaml
@@ -1,7 +1,7 @@
 services:
   nginx:
     image: nginx:latest
-    container_name: nginx
+    container_name: user-15-nginx
     volumes:
       - ./nginx.conf:/etc/nginx/nginx.conf:ro
     ports:
@@ -21,7 +21,7 @@ services:
 
   wordpress:
     image: wordpress:latest
-    container_name: wordpress
+    container_name: user-15-wordpress
     environment:
       WORDPRESS_DB_HOST: db
       WORDPRESS_DB_USER: exampleuser
@@ -42,8 +42,8 @@ services:
     restart: unless-stopped
 
   db:
-    image: mysql:8
-    container_name: db
+    image: mysql:latest
+    container_name: user-15-db
     environment:
       MYSQL_ROOT_PASSWORD: examplepass
       MYSQL_DATABASE: exampledb

diff --git a/.github/workflows/.image-scan.yaml.swg b/.github/workflows/.image-scan.yaml.swg
diff --git a/.github/workflows/.image-scan.yaml.swh b/.github/workflows/.image-scan.yaml.swh
diff --git a/.github/workflows/.image-scan.yaml.swi b/.github/workflows/.image-scan.yaml.swi
diff --git a/.github/workflows/.image-scan.yaml.swj b/.github/workflows/.image-scan.yaml.swj
diff --git a/.github/workflows/.image-scan.yaml.swk b/.github/workflows/.image-scan.yaml.swk
diff --git a/.github/workflows/.image-scan.yaml.swl b/.github/workflows/.image-scan.yaml.swl
diff --git a/.github/workflows/.image-scan.yaml.swm b/.github/workflows/.image-scan.yaml.swm
diff --git a/.github/workflows/.image-scan.yaml.swn b/.github/workflows/.image-scan.yaml.swn
diff --git a/.github/workflows/.image-scan.yaml.swo b/.github/workflows/.image-scan.yaml.swo
diff --git a/.github/workflows/.image-scan.yaml.swp b/.github/workflows/.image-scan.yaml.swp
diff --git a/.github/workflows/image-scan.yaml b/.github/workflows/image-scan.yaml
@@ -1,26 +1,49 @@
 name: Docker Image Scan
-
-on:
+'on':
   push:
-    branches: [ main ]
+    branches:
+      - main
   pull_request:
-    branches: [ main ]
-
+    branches:
+      - main
 jobs:
   scan:
     name: Scan Docker Image
-    runs-on: [runner-2, self-hosted]
+    runs-on: [runner-1,self-hosted]
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
-
-      # https://github.com/aquasecurity/trivy-action?tab=readme-ov-file#inputs
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: 'ubuntu:impish-20210711'
-          format: 'table'
-          exit-code: '1'
+          image-ref: 'nginx:latest'
+          format: table
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ' wordpress:latest'
+          format: table
+          exit-code: '0'
           ignore-unfixed: true
           vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+          severity: 'CRITICAL,HIGH'
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'mysql:latest'
+          format: table
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+      - name: Test
+        run:
+          cd .cache/ans/single
+          docker compose up -d          
+        shell: bash
+
+