katalon-studio · huyennguyen-katalon · Aug 25, 2023 · Aug 25, 2023 · Aug 25, 2023 · Aug 25, 2023
diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml
@@ -10,6 +10,8 @@ jobs:
  env:
  KS_VERSION: 8.6.6
  KS_VERSION_TAG: latest
+ TEAM: gen4
+ SERVICE: katalonstudio-docker-vulnerability-reports
  steps:
  - name: Checkout
  uses: actions/checkout@master
@@ -57,7 +59,13 @@ jobs:
  run: |
  chmod u+x ./build/security-report/security_scan.sh
  ./build/security-report/security_scan.sh $KS_VERSION_TAG ${{ secrets.SNYK_AUTH_TOKEN }}
- - name: Upload reports
- run: |
- chmod u+x ./build/security-report/upload.sh
- ./build/security-report/upload.sh $KS_VERSION ${{ secrets.SEC_AWS_S3_BUCKET }} ${{ secrets.SEC_AWS_ACCESS_KEY_ID }} ${{ secrets.SEC_AWS_SECRET_ACCESS_KEY }}
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v2
+ with:
+ role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/katalon-github-oidc-federation
+ role-session-name: github-actions-$TEAM-$SERVICE
+ aws-region: ${{ vars.AWS_REGION }}
+ - name: Upload Reports to S3
+ run: |
+ aws s3 cp ./build/security-report/security_report_trivy.html s3://${{ secrets.AWS_S3_BUCKET }}/$KS_VERSION/security_report_trivy.html
+ aws s3 cp ./build/security-report/security_report_snyk.html s3://${{ secrets.AWS_S3_BUCKET }}/$KS_VERSION/security_report_snyk.html