Skip to content

Commit

Permalink
Update updates.yaml
Browse files Browse the repository at this point in the history 
Signed-off-by: John Osborne <johnfosborneiii@gmail.com>
  • Loading branch information
@johnfosborneiii
johnfosborneiii authored Nov 21, 2024
1 parent f51bfe5 commit 7d06968
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/updates.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ jobs:
- name: Cosign Verify
if: env.UNIQUE_TAGS_CHANGED == 'true'
id: cosign-verify
continue-on-error: false
run: |
OLD_IMAGE="${{ env.REDIS_IMAGE }}:${{ env.CURRENT_UNIQUE_TAG }}"
NEW_IMAGE="${{ env.REDIS_IMAGE }}:${{ env.LATEST_UNIQUE_TAG }}"
Expand All @@ -91,15 +92,14 @@ jobs:
$NEW_IMAGE | jq
echo "OLD_IMAGE=$OLD_IMAGE" >> $GITHUB_ENV
echo "NEW_IMAGE=$NEW_IMAGE" >> $GITHUB_ENV
continue-on-error: false
echo "NEW_IMAGE=$NEW_IMAGE" >> $GITHUB_ENV
- name: Run chainctl images diff
if: env.UNIQUE_TAGS_CHANGED == 'true'
id: diff_vulnerabilities
run: |
CVE_LIST_JSON=$(chainctl images diff "${{ OLD_IMAGE }}" "${{ NEW_IMAGE }}" 2>/dev/null | jq -c '[.vulnerabilities.removed[] | select(.severity == "Critical" or .severity == "High") | .id]')
CVE_LIST_JSON=$(chainctl images diff "${{ env.OLD_IMAGE }}" "${{ env.NEW_IMAGE }}" 2>/dev/null | jq -c '[.vulnerabilities.removed[] | select(.severity == "Critical" or .severity == "High") | .id]')
echo "CVE_LIST=$CVE_LIST_JSON" >> $GITHUB_ENV
if [ -n "$CVE_LIST_JSON" ]; then
Expand Down

0 comments on commit 7d06968

Please sign in to comment.