From c32a372fe294469caae26d3c5dc598eb4f53bedf Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Mon, 12 Jun 2023 22:32:36 +0000 Subject: [PATCH 1/2] feat: add prisma cloud image scanning --- .github/workflows/security.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index cb185b328f31d..9578fa8dc79fb 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -10,7 +10,9 @@ on: schedule: # Run every 6 hours Monday-Friday! - - cron: "0 0,6,12,18 * * 1-5" + - cron: "0 0/6 * * 1-5" + + push: # Cancel in-progress runs for pull requests when developers push # additional changes @@ -117,6 +119,14 @@ jobs: make -j "$image_job" echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT + - name: Run Prisma Cloud image scan + uses: PaloAltoNetworks/prisma-cloud-scan@v1 + with: + pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }} + pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }} + pcc_pass: ${{ secrets.PRISMA_CLOUD_SECRET_KEY }} + image_name: ${{ steps.build.outputs.image }} + - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 with: From 7ff1c494216a88902a491fdfd56ccf700e3df311 Mon Sep 17 00:00:00 2001 From: Colin Adler Date: Mon, 12 Jun 2023 23:06:36 +0000 Subject: [PATCH 2/2] fixup! feat: add prisma cloud image scanning --- .github/workflows/security.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 9578fa8dc79fb..90bbcc78ca32f 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -12,8 +12,6 @@ on: # Run every 6 hours Monday-Friday! - cron: "0 0/6 * * 1-5" - push: - # Cancel in-progress runs for pull requests when developers push # additional changes concurrency:
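Review bot: The new `Run Prisma Cloud image scan` step references its action by the mutable tag `PaloAltoNetworks/prisma-cloud-scan@v1`, while the Trivy step directly after it is pinned to a full commit SHA. The step is passed `secrets.PRISMA_CLOUD_ACCESS_KEY` and `secrets.PRISMA_CLOUD_SECRET_KEY`, so whatever code `v1` resolves to at run time executes with those credentials, and a moved tag would be picked up by the scheduled run without review. Pin it the same way as Trivy, `uses: PaloAltoNetworks/prisma-cloud-scan@<full-commit-sha> # v1`, taking the SHA from the upstream release you have verified. The job definition starts and ends outside this hunk, so it is worth confirming that its `permissions:` block is no broader than the scan needs.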