update devcontainer.json to use GitHub Container Registry instead of Docker Hub for image source and build command [gitHub-PSA]: This commit updates the devcontainer.json file to use GitHub Container Registry for the image source and build command, instead of Docker Hub. This change is likely being made to improve the security and reliability of the container image by using a private registry. #45

Workflow file for this run

---
name: fortidevsec
on:  # yamllint disable-line rule:truthy
  pull_request:
permissions:
  contents: read
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
jobs:
  init:
    name: init
    runs-on: ubuntu-latest
    outputs:
      action: ${{ steps.init.outputs.action }}
    steps:
      - id: init
        name: "init"
        shell: bash
        # Pass secrets through the environment instead of expanding them into the script text.
        env:
          FORTIDEVSECORGID: ${{ secrets.FORTIDEVSECORGID }}
          FORTIDEVSECAPPID: ${{ secrets.FORTIDEVSECAPPID }}
        run: |
          # Enable the scan job only when both FortiDevSec secrets are configured.
          if [[ -n "${FORTIDEVSECORGID}" && -n "${FORTIDEVSECAPPID}" ]]
          then
            echo 'action=true' >> "${GITHUB_OUTPUT}"
          else
            echo 'action=false' >> "${GITHUB_OUTPUT}"
          fi
  fortidevsec-sast:
    needs: [init]
    if: needs.init.outputs.action == 'true'
    name: https://fortidevsec.forticloud.com/
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
      - name: Scan
        # Secrets reach the shell as environment variables, quoted at the point of use.
        env:
          FORTIDEVSECORGID: ${{ secrets.FORTIDEVSECORGID }}
          FORTIDEVSECAPPID: ${{ secrets.FORTIDEVSECAPPID }}
        run: |
          # Forward only the CI metadata variables to the scanner container.
          env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
          #docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
          docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest main s --org-id "${FORTIDEVSECORGID}" --app-id "${FORTIDEVSECAPPID}" --risk_rating 1
          #docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest main s --org-id "${FORTIDEVSECORGID}" --app-id "${FORTIDEVSECAPPID}" --url https://robinmordasiewicz.github.io/devops-toolkit/