A GitHub action for scanning a Docker image with the Twistlock
twistcli
tool.
A simple example of building a Docker image and scanning it with Twistlock.
name: Build and scan image
on: [push]
jobs:
build_and_scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
# Build the image we're going to scan.
- run: docker build -t myapp:test ./test
# Run the Twistlock action.
- uses: dequelabs/action-twistlock@main
with:
tl-username: ${{ secrets.TWISTLOCK_USERNAME }}
tl-password: ${{ secrets.TWISTLOCK_PASSWORD }}
tl-console-url: https://harbor.dequelabs.com
docker-image: myapp:test
The action accepts the following inputs:
tl-username
(required): The username to access the Twistlock console.tl-password
(required): The password the the user specified bytl-username
.tl-console-url
(required): The complete URI for the Twistlock console, including protocol and port. For example, https://console.mycompany.org:8083.tl-cli-version
: The version of the Twistlock CLI. Defaults to v1.docker-image
(required): The docker image to scan.
MPL 2.0
Copyright (c) Deque Systems, Inc