diff --git a/.github/workflows/container-vulnerability-scan.yaml b/.github/workflows/container-vulnerability-scan.yaml
index 74443bd..c6ae276 100644
--- a/.github/workflows/container-vulnerability-scan.yaml
+++ b/.github/workflows/container-vulnerability-scan.yaml
@@ -41,7 +41,7 @@ jobs:
 - name: Set up Docker Buildx
 uses: docker/setup-buildx-action@v2
 - name: Login to DockerHub container registry
- if: ${{ inputs.login_dockerhub }}
+ if: inputs.login_dockerhub
 uses: docker/login-action@v2
 with:
 username: ${{ secrets.DOCKERHUB_USERNAME }}
@@ -50,30 +50,22 @@ jobs:
 run: |
 docker pull aquasec/trivy:${{ inputs.trivy_tag }}
 - name: Download container image from artifacts if uploaded
- if: ${{ inputs.image_artifact_name }} != null &&
- ${{ inputs.image_artifact_filename }} != null
- uses: actions/download-artifact@v2
+ if: inputs.image_artifact_name != '' &&
+ inputs.image_artifact_filename != ''
+ uses: actions/download-artifact@v3.0.2
 with:
 name: ${{ inputs.image_artifact_name }}
 path: /tmp
 - name: Load container image file if one is shipped via artifacts
- if: ${{ inputs.image_artifact_name }} != null &&
- ${{ inputs.image_artifact_filename }} != null
+ if: inputs.image_artifact_name != '' &&
+ inputs.image_artifact_filename != ''
 run: |
 docker load --input /tmp/${{ inputs.image_artifact_filename }}
- RC=$?
- if [ ${RC} -gt 0 ]; then
- exit ${RC}
- fi
 - name: Pull container image that should be scanned if no container image is shipped via artifacts
- if: ${{ inputs.image_artifact_name }} == null &&
- ${{ inputs.image_artifact_filename }} == null
+ if: inputs.image_artifact_name == '' ||
+ inputs.image_artifact_filename == ''
 run: |
 docker pull ${{ inputs.image_name }}
- RC=$?
- if [ ${RC} -gt 0 ]; then
- exit ${RC}
- fi
 - name: List available container images in local repository
 run: |
 docker image ls -a
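Review bot: The `run:` scripts that the second hunk trims still expand workflow inputs straight into shell text. `docker load --input /tmp/${{ inputs.image_artifact_filename }}` and `docker pull ${{ inputs.image_name }}` are substituted before bash parses them, so shell metacharacters in a caller-supplied value become part of the script; the same applies to the `aquasec/trivy:${{ inputs.trivy_tag }}` pull at the top of the hunk, whose step begins outside it. Whether callers can pass untrusted values is not visible here, but the usual hardening is to hand the value over through the step environment and quote it, e.g. `env:` / `IMAGE_NAME: ${{ inputs.image_name }}` and `docker pull "${IMAGE_NAME}"`. Separately, the new `actions/download-artifact@v3.0.2` is a tag reference, which can be moved after the fact; pinning to the full commit SHA with the version as a trailing comment (`uses: actions/download-artifact@<full-commit-sha>  # v3.0.2`) makes the reference immutable.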