srcmesh-workshop · Yu-Wen-Huang · Jul 5, 2024 · Jul 5, 2024 · Jul 5, 2024 · Jul 5, 2024
diff --git a/.cache/ans/single/compose.yaml b/.cache/ans/single/compose.yaml
@@ -1,7 +1,7 @@
 services:
   nginx:
     image: nginx:latest
-    container_name: nginx
+    container_name: user-9-nginx
     volumes:
       - ./nginx.conf:/etc/nginx/nginx.conf:ro
     ports:
@@ -21,7 +21,7 @@ services:
 
   wordpress:
     image: wordpress:latest
-    container_name: wordpress
+    container_name: user-9-wordpress
     environment:
       WORDPRESS_DB_HOST: db
       WORDPRESS_DB_USER: exampleuser
@@ -43,7 +43,7 @@ services:
 
   db:
     image: mysql:8
-    container_name: db
+    container_name: user-9-db
     environment:
       MYSQL_ROOT_PASSWORD: examplepass
       MYSQL_DATABASE: exampledb

diff --git a/.github/workflows/image-scan.yaml b/.github/workflows/image-scan.yaml
@@ -9,18 +9,42 @@ on:
 jobs:
   scan:
     name: Scan Docker Image
-    runs-on: [runner-2, self-hosted]
+    runs-on: [runner-1, self-hosted]
+      #runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
 
       # https://github.com/aquasecurity/trivy-action?tab=readme-ov-file#inputs
-      - name: Run Trivy vulnerability scanner
+      - name: Run Trivy vulnerability scanner:nginx
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: 'ubuntu:impish-20210711'
+          image-ref: 'nginx:latest'
           format: 'table'
-          exit-code: '1'
+          exit-code: '0'
           ignore-unfixed: true
           vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+          severity: 'CRITICAL,HIGH'
+      - name: Run Trivy vulnerability scanner:wordpress
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'wordpress:latest'
+          format: 'table'
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+      - name: Run Trivy vulnerability scanner:mysql
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'mysql:8'
+          format: 'table'
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+      - name: Test
+        run: |
+          cd .cache/ans/single
+          docker compose up -d
+        shell: bash