Merged
2 changes: 1 addition & 1 deletion .github/workflows/ci-scan.yaml
Expand Up @@ -91,7 +91,7 @@ jobs:
continue-on-error: true
with:
# Old scanner version
cli-scanner-version: 1.8.1
cli-scanner-version: 1.18.0
# Tag of the image to analyse
image-tag: sysdiglabs/dummy-vuln-app:latest
# API token for Sysdig Scanning auth
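Review bot: The step keeps the comment `# Old scanner version` and the context line `continue-on-error: true`, but 1.18.0 is the version this PR documents as the oldest supported one, so a failure here would mean the stated minimum does not work and CI would still pass. Consider dropping `continue-on-error: true` for this step, or checking the step outcome afterwards, and rewording the comment to say this is the oldest supported scanner version.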
13 changes: 6 additions & 7 deletions README.md
Expand Up @@ -10,7 +10,7 @@ This action performs analysis on a specific container image and posts the result
|------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------|
| `cli-scanner-url` | URL to `sysdig-cli-scanner` binary download. The action will detect the runner OS and architecture. For more info about the Sysdig CLI Scanner download visit [the official documentation](https://docs.sysdig.com/en/docs/installation/sysdig-secure/install-vulnerability-cli-scanner/). | |
| `mode` | Mode of operation. Can be "vm" or "iac". | `vm` |
| `cli-scanner-version` | Custom sysdig-cli-scanner version to download. If using iac mode, minimum required version is 1.9.0. Please note that for VM mode the Action has only been tested with the current default version and it is not guaranteed that it will work as expected with other versions. | `1.22.1` |
| `cli-scanner-version` | Custom sysdig-cli-scanner version to download. Minimum required version is 1.18.0. Please note that for VM mode the Action has only been tested with the current default version and it is not guaranteed that it will work as expected with other versions. | `1.22.3` |
| `registry-user` | Registry username to authenticate to while pulling the image to scan. | |
| `registry-password` | Registry password to authenticate to while pulling the image to scan. | |
| `stop-on-failed-policy-eval` | Fail the job if the Policy Evaluation is Failed. | |
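Review bot: The new `cli-scanner-version` row removes the iac-specific minimum of 1.9.0 and sets 1.18.0 as the minimum for every mode, which breaks workflows that pin an older scanner. The README should say so explicitly, for example in an upgrade note for v6, rather than only in this table cell. The wording also differs from `action.yml` ("Oldest supported version is 1.18.0"); use the same phrase in both places.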
Expand Down Expand Up @@ -64,7 +64,7 @@ You need to assign an ID to the Sysdig Scan Action step, like:

- name: Scan image
id: scan
uses: sysdiglabs/scan-action@v5
uses: sysdiglabs/scan-action@v6
with:
...
```
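Review bot: In `uses: sysdiglabs/scan-action@v6` the example points at a movable major tag. Because the other examples in this README pass `sysdig-secure-token` to the action, consider adding a sentence telling consumers they can pin to a full commit SHA instead of the tag.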
Expand Down Expand Up @@ -95,8 +95,7 @@ The `if: success() || failure()` option makes sure the SARIF report is uploaded

- name: Scan image
id: scan
uses: sysdiglabs/scan-action@v5
with:
uses: sysdiglabs/scan-action@v6
image-tag: sysdiglabs/dummy-vuln-app:latest
sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}

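Review bot: The `with:` line is deleted together with the old `uses:` line and is not added back, so `image-tag:` and `sysdig-secure-token:` now follow `uses: sysdiglabs/scan-action@v6` directly and are no longer passed as inputs. The hunk header (-95,8 +95,7) confirms one line was lost, and the other examples in this diff keep `with:`. Restore `with:` after the new `uses:` line.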
Expand All @@ -114,7 +113,7 @@ The `if: success() || failure()` option makes sure the SARIF report is uploaded
...

- name: Scan image
uses: sysdiglabs/scan-action@v5
uses: sysdiglabs/scan-action@v6
with:
image-tag: "sysdiglabs/dummy-vuln-app:latest"
sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
Expand All @@ -126,10 +125,10 @@ The `if: success() || failure()` option makes sure the SARIF report is uploaded
...

- name: Scan infrastructure
uses: sysdiglabs/scan-action@v5
uses: sysdiglabs/scan-action@v6
with:
sysdig-secure-token: ${{ secrets.SYSDIG_SECURE_TOKEN }}
cli-scanner-version: 1.9.0
cli-scanner-version: 1.22.3
mode: iac
iac-scan-path: ./terraform
```
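Review bot: `cli-scanner-version: 1.22.3` in the iac example is the same value as the new default, so the pin has no effect and has to be edited again on every default bump. Drop the line from the example, or keep it only with a comment that it is optional and must be at least the documented minimum.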
4 changes: 2 additions & 2 deletions action.yml
Expand Up @@ -5,8 +5,8 @@ inputs:
description: URL to sysdig-cli-scanner binary download
required: false
cli-scanner-version:
description: Custom sysdig-cli-scanner version to download
default: "1.22.1"
description: Custom sysdig-cli-scanner version to download. Oldest supported version is 1.18.0.
default: "1.22.3"
required: false
registry-user:
description: Registry username.
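Review bot: The `cli-scanner-version` description now states that 1.18.0 is the oldest supported version, but nothing in the hunks shown enforces it, so a workflow that sets a lower value would only find out from whatever failure the scanner produces. Consider validating the input when the action starts and failing with a message that names the minimum.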