Initial commit

2024-11-26 00:20:26 +01:00
commit 3e9f28acf6
4 changed files with 71 additions and 0 deletions

1
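--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea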

11
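--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,11 @@
+FROM public.ecr.aws/docker/library/node:22-alpine3.20
+# Install git for gitea actions and ansible
+RUN apk add --no-cache git grype bash
+WORKDIR /usr/src
+COPY entrypoint.sh .
+RUN chmod +x /usr/src/entrypoint.sh
+ENTRYPOINT ["bash","-c","/usr/src/entrypoint.sh"]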
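Review bot: The `FROM` line and the `apk add` line pin nothing beyond a mutable tag, and since action.yml points at this file (`image: Dockerfile`) the image is presumably built by the runner at job time, so the base and the grype version that run in a job can change without any commit here. For a scanning step that can also be handed registry credentials, consider pinning the base by digest, `FROM public.ecr.aws/docker/library/node:22-alpine3.20@sha256:<digest>`, and the scanner version, `RUN apk add --no-cache bash git grype=<version>`. The comment above `RUN` mentions ansible, which nothing in this image uses; `# Install git for gitea actions, bash for entrypoint.sh, grype for scanning` would match the line. `ENTRYPOINT ["bash","-c","/usr/src/entrypoint.sh"]` can be `ENTRYPOINT ["/usr/src/entrypoint.sh"]`, because the script has a shebang and is made executable, and that form also lets arguments reach the script.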

21
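--- a/action.yml
+++ b/action.yml
@@ -0,0 +1,21 @@
+name: Docker container scanning
+description: A container scanning tool using grype
+author: Skydust
+# Define your inputs here.
+inputs:
+imageName:
+description: The image name
+required: true
+imagePrefix:
+description: The image prefix
+required: false
+default: ${{ gitea.server_url }}/${{ gitea.repository_owner }}/
+config:
+description: The grype configuration path
+required: false
+default: ""
+runs:
+using: docker
+image: Dockerfile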
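Review bot: Nothing under `runs:` maps the declared inputs to the variables entrypoint.sh reads (`$imageName`, `$imagePrefix`, `$config`). GitHub-compatible runners normally expose Docker-action inputs as `INPUT_<UPPERCASE NAME>`, so unless Gitea's runner behaves differently the script would see an empty image name and exit 1. An explicit mapping would remove the guesswork, for example an `env:` key under `runs:` holding `imageName: ${{ inputs.imageName }}` and the same for the other two inputs. The `imagePrefix` description could also state that the scheme is stripped and the value lowercased before use and that it must end in `/`, and the template comment `# Define your inputs here.` can be dropped.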

38
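--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+INPUT_IMAGE_NAME=$imageName
+INPUT_IMAGE_PREFIX=$imagePrefix
+INPUT_CONFIG_PATH=$config
+set -e
+# shellcheck disable=SC2155
+export LOWERCASE_INPUT_IMAGE_PREFIX="$(echo "$INPUT_IMAGE_PREFIX" | tr '[:upper:]' '[:lower:]')"
+IMAGE_NAME="$(echo "$LOWERCASE_INPUT_IMAGE_PREFIX" | sed 's/^https\?:\/\///')$INPUT_IMAGE_NAME"
+if [ -n "$DOCKER_CONFIG_BASE64" ]; then
+echo "Retrieving docker config"
+mkdir "$HOME/.docker/"
+echo "$DOCKER_CONFIG_BASE64" | base64 -d > "$HOME/.docker/config.json"
+fi;
+echo "Full image name: $IMAGE_NAME"
+if [ -z "$INPUT_IMAGE_NAME" ]; then
+echo "No image name given."
+exit 1
+fi;
+GRYPE_OPTIONS=("-v")
+if [ -n "$INPUT_CONFIG_PATH" ]; then
+GRYPE_OPTIONS+=("-c" "$INPUT_CONFIG_PATH")
+fi
+GRYPE_OPTIONS+=("registry:${IMAGE_NAME}")
+# shellcheck disable=SC2145
+echo "Running grype container scanning with options: ${GRYPE_OPTIONS[@]}"
+grype "${GRYPE_OPTIONS[@]}"
+exit 0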
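Review bot: The registry credentials decoded from `DOCKER_CONFIG_BASE64` are written to `$HOME/.docker/config.json` under the default umask, and `mkdir "$HOME/.docker/"` runs after `set -e`, so the script aborts if that directory already exists. I would change the two lines to `mkdir -p "$HOME/.docker"` and `(umask 077; echo "$DOCKER_CONFIG_BASE64" | base64 -d > "$HOME/.docker/config.json")` so the file is created owner-only. The empty-name check should move above `echo "Full image name: $IMAGE_NAME"` so that a missing input is reported before anything is derived from it. grype is also invoked without `--fail-on`, so unless the supplied config sets a severity threshold the step passes whatever the scan finds; a one-line comment saying that this is intended would help the next reader.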