PD-2758: Add Slide-tags docker #585
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#This action was copied over from WARP's repo. | |
#It is used to scan docker images for vulnerabilities. | |
name: DSP AppSec Trivy Checks | |
on: | |
pull_request: | |
branches: [ "develop", "master" ] | |
paths-ignore: | |
- '**/README.md' | |
jobs: | |
build-and-scan: | |
name: DSP AppSec Trivy check | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
context: | |
- 3rd-party-tools/arrays-picard-private | |
- 3rd-party-tools/dragmap | |
- 3rd-party-tools/gatk | |
- 3rd-party-tools/illumina-iaap-autocall | |
- 3rd-party-tools/picard-python | |
- 3rd-party-tools/verify-bam-id | |
- 3rd-party-tools/samtools | |
- 3rd-party-tools/samtools-picard-bwa | |
- 3rd-party-tools/samtools-star | |
- 3rd-party-tools/zcall | |
- 3rd-party-tools/bcftools-vcftools | |
- 3rd-party-tools/eagle | |
- 3rd-party-tools/minimac4 | |
- 3rd-party-tools/fgbio | |
- 3rd-party-tools/umi-tools | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: broadinstitute/dsp-appsec-trivy-action@v1 | |
with: | |
context: ${{ matrix.context }} | |
#TODO: Check if we really need this. This seems to scan a prebuilt image that we didn't build. | |
prebuilt-scan: | |
name: DSP AppSec Trivy check | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
image: | |
- us.gcr.io/broad-gotc-prod/picard-cloud:2.26.10 | |
steps: | |
- uses: broadinstitute/dsp-appsec-trivy-action@v1 | |
with: | |
image: ${{ matrix.image }} |