| Input Values | Description | Optional/Required | Default Values |
|---|---|---|---|
| dockerfile_context | The context of the Dockerfile to use for building the image. | Optional | Dockerfile |
| endpoint | The URL of the CSPM panel to push the scan results to. | Optional | cspm.demo.accuknox.com |
| token | The token for authenticating with the CSPM panel. | Required | - |
| tenant_id | The ID of the tenant associated with the CSPM panel. | Required | - |
| repository_name | Docker image repository name. | Required | - |
| tag | Add version tag to the repository. | Optional | ${{ github.run_id }} |
| severity | Allows selection of severity level for the scan. Options include UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL. | Optional | UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL |
| exit_code | Specifies pipeline behavior upon detecting specified severity level. '0' (continue) or '1' (halt). | Optional | 0 |
| label | The label created in AccuKnox SaaS for associating scan results. | Required | - |

Steps for using Install-action in a workflow YAML file

- Check out the repo using the checkout action.
- Utilize the accuknox/container-scan-action repository with version tag v0.0.1.

Navigate to Tokens within the Settings section in the sidebar.

Click on Create Token. After clicking on 'Create Token', the Tenant ID will be visible.

```yaml
- name: Run AccuKnox CSPM Scan
  uses: accuknox/container-scan-action@v0.0.1
  with:
    token: #Required
    tenant_id: #Required
    repository_name: #Required
    label: #Required
    endpoint: #Optional
    tag: #Optional
    exit_code: #Optional
    severity: #Optional
    dockerfile_context: #Optional
```

```yaml
name: AccuKnox Scan Workflow
# Run on pushes and pull requests that target main.
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
jobs:
  accuknox-cicd:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@main
      - name: Run AccuKnox CSPM Scan
        uses: accuknox/container-scan-action@v0.0.1
        with:
          # Required inputs; the token, tenant ID and label are read from repository secrets.
          token: ${{ secrets.TOKEN }}
          tenant_id: ${{ secrets.TENANT_ID }}
          repository_name: ${{ github.repository }}
          label: ${{ secrets.LABEL }}
```
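
The workflow above leaves `exit_code` at its default of 0, so the job continues whatever the scan finds. The following is an added example, not part of the AccuKnox documentation, that uses the `severity` and `exit_code` inputs from the table to halt the pipeline on serious findings. The workflow name, the `permissions` block, the `actions/checkout@v4` reference and the exact `severity` value format (copied from the default shown in the table) are assumptions.

```yaml
# Added example, not the project's own workflow.
name: AccuKnox Scan Gate   # hypothetical workflow name
on:
  pull_request:
    branches:
      - main
# Assumption: the job only needs read access to the repository contents.
permissions:
  contents: read
jobs:
  accuknox-cicd:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        # Tagged release instead of the moving main branch.
        uses: actions/checkout@v4
      - name: Run AccuKnox CSPM Scan
        uses: accuknox/container-scan-action@v0.0.1
        with:
          token: ${{ secrets.TOKEN }}
          tenant_id: ${{ secrets.TENANT_ID }}
          repository_name: ${{ github.repository }}
          label: ${{ secrets.LABEL }}
          # Only these levels are selected for the scan. The comma-and-space
          # format follows the default listed in the table (assumed).
          severity: "HIGH, CRITICAL"
          # '1' halts the pipeline when a selected severity level is detected;
          # the default '0' lets the job continue.
          exit_code: "1"
          # Default value from the table, written out for clarity.
          dockerfile_context: Dockerfile
```

GitHub does not pass repository secrets to workflows triggered by pull requests from forks, so the scan step has no token or tenant ID in that case.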