action.yaml

name: 'Veinmind'
description: 'Scan images for security issues with veinmind-tools'
author: 'Veinmind Team'
branding:
  color: purple
  icon: check-circle
inputs:
  scan-action:
    description: 'Scan action for scanning security issues'
    default: 'scan image'
  image-ref:
    description: 'image reference'
    required: true
  exit-code:
    description: 'exit-code when specified security issue found'
    required: false
    default: '0'
  output:
    description: 'save results to output file'
    required: false
    default: 'report.json'
runs:
  using: 'composite'
  steps:
    - run: docker pull veinmind/veinmind-runner:latest && docker run --rm --mount 'type=bind,source=/,target=/host,readonly,bind-propagation=rslave' -v /var/run/docker.sock:/var/run/docker.sock -v `pwd`:/tool/resource veinmind/veinmind-runner ${{ inputs.scan-action }} ${{ inputs.image-ref }} -o ${{ inputs.output }} -e ${{ inputs.exit-code }}
      shell: bash
    - uses: actions/upload-artifact@v2
      with:
        name: ${{ inputs.output }}
        path: ${{ inputs.output }}