From 26783759af4ee123984b8b258ad165431f121158 Mon Sep 17 00:00:00 2001
From: Andrij Orlenko <94047334+lotyp@users.noreply.github.com>
Date: Sat, 6 Apr 2024 20:32:27 +0300
Subject: [PATCH] ci: add docker scout (#53)

---
 .github/workflows/test.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 2bcd716..8aa4320 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -105,3 +105,15 @@ jobs:
           export IMAGE_TEMPLATE=${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }}
           export IMAGE_TAG=${{ env.DOCKER_NAMESPACE }}:latest
           make test
+
+      - name: 🔍 Run Docker Scout
+        id: docker-scout
+        uses: docker/scout-action@v1
+        with:
+          command: cves,recommendations
+          ignore-unchanged: true
+          only-fixed: true
+          only-severities: critical,high
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          dockerhub-user: ${{ secrets.DOCKER_USERNAME }}
+          dockerhub-password: ${{ secrets.DOCKER_TOKEN }}