Skip to content
/ mcvs-docker-action Public

Mission Critical Vulnerability Scanner (MCVS) Docker Action. Build a lean docker image without high and critical vulnerabilities and push it to the GitHub packages.

License

MIT license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

schubergphilis/mcvs-docker-action

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
.github
.github
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 

Repository files navigation

mcvs-docker-action

Mission Critical Vulnerability Scanner (MCVS) Docker Action is a custom GitHub Action that consists of the following steps:

  • YAML linting.
  • Dockerfile linting.
  • Determining image name and tag.
  • Docker image building.
  • Docker image linting.
  • Detecting waste in the docker image.
  • Code and docker image security scanning using Grype and Trivy.
  • Logging in and pushing the image to GitHub packages.

Create a .github/workflows/docker.yml file with the following content:

---
name: Docker
"on": push
jobs:
  mcvs-docker-action:
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/[email protected]
      - uses: schubergphilis/[email protected]
        with:
          dockle-accept-key: libcrypto3,libssl3
          token: ${{ secrets.GITHUB_TOKEN }}

About

Mission Critical Vulnerability Scanner (MCVS) Docker Action. Build a lean docker image without high and critical vulnerabilities and push it to the GitHub packages.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

21 watching

Forks

1 fork
Report repository

Releases 11

fix: Dive and Dockle incompatible with docker v26 Latest
Jun 13, 2024
+ 10 releases

Contributors 3

  •  
  •  
  •