fix: revert if syntax

fix: experiment corrected if grammar
fix: if grammar
2023-04-24 12:31:27 +12:00 · 2023-04-24 12:18:06 +12:00 · 2023-04-24 12:06:18 +12:00 · 2023-04-24 12:03:05 +12:00 · 2023-04-24 12:00:44 +12:00 · 2023-04-24 11:37:54 +12:00
1 changed files with 20 additions and 17 deletions
--- a/.github/workflows/nightly-security-scan.yml
+++ b/.github/workflows/nightly-security-scan.yml
@@ -9,8 +9,8 @@ jobs:
  client-dependencies:
    name: Client Dependency Check
    runs-on: ubuntu-latest
-    if: >- # only run for develop branch
-      github.ref == 'refs/heads/develop' 
+    if: >-
+      github.ref == 'refs/heads/fix/EE-3059/security-scan-debug'
    outputs:
      js: ${{ steps.set-matrix.outputs.js_result }}
    steps:
@@ -33,7 +33,7 @@ jobs:

      - name: develop scan report export to html
        run: |
-          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=snyk --path="/data/snyk.json" --output-type=table --export --export-filename="/data/js-result")
+          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=snyk --path="/data/snyk.json" --output-type=table --export --export-filename="/data/js-result")

      - name: upload html file as artifact
        uses: actions/upload-artifact@v3
@@ -44,14 +44,15 @@ jobs:
      - name: analyse vulnerabilities 
        id: set-matrix
        run: |
-          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=snyk --path="/data/snyk.json" --output-type=matrix)
+          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=snyk --path="/data/snyk.json" --output-type=matrix)
          echo "js_result=${result}" >> $GITHUB_OUTPUT
+          echo "${result}"

  server-dependencies:
    name: Server Dependency Check
    runs-on: ubuntu-latest
    if: >- # only run for develop branch
-      github.ref == 'refs/heads/develop' 
+      github.ref == 'refs/heads/fix/EE-3059/security-scan-debug'
    outputs:
      go: ${{ steps.set-matrix.outputs.go_result }}
    steps:
@@ -82,7 +83,7 @@ jobs:

      - name: develop scan report export to html
        run: |
-          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=snyk --path="/data/snyk.json" --output-type=table --export --export-filename="/data/go-result")
+          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=snyk --path="/data/snyk.json" --output-type=table --export --export-filename="/data/go-result")

      - name: upload html file as artifact
        uses: actions/upload-artifact@v3
@@ -93,14 +94,15 @@ jobs:
      - name: analyse vulnerabilities
        id: set-matrix
        run: |
-          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=snyk --path="/data/snyk.json" --output-type=matrix)
+          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=snyk --path="/data/snyk.json" --output-type=matrix)
          echo "go_result=${result}" >> $GITHUB_OUTPUT
+          echo "${result}"

  image-vulnerability:
    name: Image Vulnerability Check
    runs-on: ubuntu-latest
    if: >-
-      github.ref == 'refs/heads/develop'
+      github.ref == 'refs/heads/fix/EE-3059/security-scan-debug'
    outputs:
      image: ${{ steps.set-matrix.outputs.image_result }}
    steps:
@@ -118,7 +120,7 @@ jobs:

      - name: develop scan report export to html
        run: |
-          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=trivy --path="/data/image-trivy.json" --output-type=table --export --export-filename="/data/image-result")
+          $(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=trivy --path="/data/image-trivy.json" --output-type=table --export --export-filename="/data/image-result")

      - name: upload html file as artifact
        uses: actions/upload-artifact@v3
@@ -129,15 +131,16 @@ jobs:
      - name: analyse vulnerabilities
        id: set-matrix
        run: |
-          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:latest summary --report-type=trivy --path="/data/image-trivy.json" --output-type=matrix)
+          result=$(docker run --rm -v ${{ github.workspace }}:/data portainerci/code-security-report:pr5 summary --report-type=trivy --path="/data/image-trivy.json" --output-type=matrix)
          echo "image_result=${result}" >> $GITHUB_OUTPUT
+          echo "${result}"

  result-analysis:
    name: Analyse Scan Results
    needs: [client-dependencies, server-dependencies, image-vulnerability]
    runs-on: ubuntu-latest
    if: >-
-      github.ref == 'refs/heads/develop'
+      github.ref == 'refs/heads/fix/EE-3059/security-scan-debug'
    strategy:
      matrix: 
        js: ${{fromJson(needs.client-dependencies.outputs.js)}}
@@ -146,12 +149,12 @@ jobs:
    steps:
      - name: display the results of js, Go, and image scan
        run: |
-          echo ${{ matrix.js.status }}
-          echo ${{ matrix.go.status }}
-          echo ${{ matrix.image.status }}
-          echo ${{ matrix.js.summary }}
-          echo ${{ matrix.go.summary }}
-          echo ${{ matrix.image.summary }}
+          echo "${{ matrix.js.status }}"
+          echo "${{ matrix.go.status }}"
+          echo "${{ matrix.image.status }}"
+          echo "${{ matrix.js.summary }}"
+          echo "${{ matrix.go.summary }}"
+          echo "${{ matrix.image.summary }}"

      - name: send message to Slack 
        if: >-
Author	SHA1	Message	Date
oscarzhou	8d3ea4335f	fix: revert if syntax	2023-04-24 12:31:27 +12:00
oscarzhou	9e5c056051	fix: experiment corrected if grammar	2023-04-24 12:18:06 +12:00
oscarzhou	c8ebd563ba	fix: if grammar	2023-04-24 12:06:18 +12:00
oscarzhou	62a586d35b	fix: equal symbol	2023-04-24 12:03:05 +12:00
oscarzhou	82809e32b1	fix: update workflow syntax with custom env	2023-04-24 12:00:44 +12:00
oscarzhou	7bedb7b0d2	fix: introduce workflow env	2023-04-24 11:37:54 +12:00
oscarzhou	ee3271829f	fix: wrap matrix result with double quotes	2023-04-24 11:33:44 +12:00
oscarzhou	e1218283bf	debug with new code-security-report image	2023-04-24 10:35:22 +12:00