auto run docker scout v1

zinen · Jan 23, 2024 · d0ea234 · d0ea234
1 parent 245131e
commit d0ea234
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/.github/workflows/get-latest-alpine-release.yml b/.github/workflows/get-latest-alpine-release.yml
@@ -67,3 +67,27 @@ jobs:
           # Check if something changed and then commit
           git diff --quiet HEAD || git commit -m "Auto. A ${{ github.event_name }} added this"
           git push
+
+  check-docker-scout:
+    needs: get-alpine-release-date
+    if: needs.check.outputs.needs-updating == 'false' || github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Authenticate to Docker
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      # Compare the image built in the pull request with the one in production
+      - name: Docker Scout
+        id: docker-scout
+        #if: ${{ github.event_name == 'pull_request' }}
+        uses: docker/scout-action@v1
+        with:
+          command: compare
+          image: zinen2/alpine-pigpiod:latest
+          #to-env: production
+          ignore-unchanged: true
+          only-severities: critical,high
+          token: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}