Skip to content

Commit

Permalink
Set grype cpe auto add option
Browse files Browse the repository at this point in the history
  • Loading branch information
saisatishkarra authored Sep 18, 2023
1 parent 617be75 commit 8767311
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions security-actions/scan-docker-image/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,7 @@ runs:
sbom: ${{ steps.meta.outputs.sbom_spdx_file }}
output-format: sarif
fail-build: 'false'
add-cpes-if-none: true
severity-cutoff: ${{ steps.meta.outputs.global_severity_cutoff }}

# Don't fail during report generation
Expand All @@ -130,6 +131,7 @@ runs:
sbom: ${{ steps.meta.outputs.sbom_spdx_file }}
output-format: json
fail-build: 'false'
add-cpes-if-none: true
severity-cutoff: ${{ steps.meta.outputs.global_severity_cutoff }}

- name: Check vulnerability analysis report existence
Expand Down Expand Up @@ -199,6 +201,7 @@ runs:
sbom: ${{ steps.meta.outputs.sbom_spdx_file }}
output-format: table
fail-build: ${{ steps.meta.outputs.global_enforce_build_failure == 'true' && steps.meta.outputs.global_enforce_build_failure || inputs.fail_build }}
add-cpes-if-none: true
severity-cutoff: ${{ steps.meta.outputs.global_severity_cutoff }}

- name: Inspect docker-cis report
Expand Down

0 comments on commit 8767311

Please sign in to comment.