changing workflow

.github/workflows/ecr-push-scan.yml

@@ -25,6 +25,15 @@ jobs:
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@62f4f872db3836360b72999f4b87f1ff13310f3a
 
+      - name: Build and tag image
+        id: build-image
+        env:
+          IMAGE_TAG: main
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        run: |
+          # Build a docker container 
+          docker build -f docker-prerender/Dockerfile -t $ECR_REGISTRY/${{ vars.ECR_REPOSITORY }}:$IMAGE_TAG .
+
       - name: Sysdig CLI scanner
         run: |
           chmod +x ./scripts/deploy_scan.sh
@@ -34,14 +43,12 @@ jobs:
           sysdig_api: ${{ secrets.SYSDIG_API }}
           sysdig_api_url: ${{ vars.SYSDIG_API_URL }}
 
-      - name: Build, tag, and push image to Amazon ECR
+      - name: Push image to Amazon ECR
         id: build-image
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
           IMAGE_TAG: main
         run: |
-          # Build a docker container and
           # push it to ECR
-          docker build -f docker-prerender/Dockerfile -t $ECR_REGISTRY/${{ vars.ECR_REPOSITORY }}:$IMAGE_TAG .
           docker push $ECR_REGISTRY/${{ vars.ECR_REPOSITORY }}:$IMAGE_TAG
           echo "image=$ECR_REGISTRY/${{ vars.ECR_REPOSITORY }}:$IMAGE_TAG" >> $GITHUB_OUTPUT

scripts/deploy_scan.sh

@@ -2,4 +2,4 @@
 
 curl -LO "https://download.sysdig.com/scanning/bin/sysdig-cli-scanner/$(curl -L -s https://download.sysdig.com/scanning/sysdig-cli-scanner/latest_version.txt)/linux/amd64/sysdig-cli-scanner"
 chmod +x ./sysdig-cli-scanner
-SECURE_API_TOKEN=$sysdig_api ./sysdig-cli-scanner --apiurl $sysdig_api_url --policy coto_log4j --console-log koton00beng/prerender:main
+SECURE_API_TOKEN=$sysdig_api ./sysdig-cli-scanner --apiurl $sysdig_api_url --policy coto_log4j --console-log 992382711296.dkr.ecr.us-east-1.amazonaws.com/prerender:main