.github/workflows/build.yml

name: Check images

on:
  workflow_dispatch:

jobs:
  tester1:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: Trim CI agent
      run: |
        chmod +x free_disk_space.sh
        ./free_disk_space.sh
    - name: Download dep-scan
      run: |
        oras pull ghcr.io/appthreat/vdb:v5 -o $VDB_HOME
        oras pull ghcr.io/owasp-dep-scan/dep-scan:v5 -o $VDB_HOME
        chmod +x ./depscan/depscan-linux-amd64
      env:
        VDB_HOME: depscan        
    - name: Perform scan
      run: |
        mkdir -p results
        for i in `cat repo-list.txt`; do
          echo "Scanning image $i"
          ./depscan/depscan-linux-amd64 -t docker -i $i --reports-dir results/dep-$i --no-error
          echo "----------------------"
        done
        ls -ltr results
      env:
        VDB_HOME: depscan
        COLUMNS: 270
    - uses: actions/upload-artifact@v1
      with:
        path: ./results
        name: depscan-results1

  tester2:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: Trim CI agent
      run: |
        chmod +x free_disk_space.sh
        ./free_disk_space.sh
    - name: Download dep-scan
      run: |
        oras pull ghcr.io/appthreat/vdb:v5 -o $VDB_HOME
        oras pull ghcr.io/owasp-dep-scan/dep-scan:v5 -o $VDB_HOME
        chmod +x ./depscan/depscan-linux-amd64
      env:
        VDB_HOME: depscan
    - name: Perform scan
      run: |
        mkdir -p results
        for i in `cat repo-list-2.txt`; do
          echo "Scanning image $i"
          ./depscan/depscan-linux-amd64 -t docker -i $i --reports-dir results/dep-$i --no-error
          echo "----------------------"
        done
        ls -ltr results
      env:
        VDB_HOME: depscan
        COLUMNS: 270
    - uses: actions/upload-artifact@v1
      with:
        path: ./results
        name: depscan-results2

  tester3:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: Trim CI agent
      run: |
        chmod +x free_disk_space.sh
        ./free_disk_space.sh
    - name: Download dep-scan
      run: |
        oras pull ghcr.io/appthreat/vdb:v5 -o $VDB_HOME
        oras pull ghcr.io/owasp-dep-scan/dep-scan:v5 -o $VDB_HOME
        chmod +x ./depscan/depscan-linux-amd64
      env:
        VDB_HOME: depscan
    - name: Perform scan
      run: |
        mkdir -p results
        for i in `cat repo-list-3.txt`; do
          echo "Scanning image $i"
          ./depscan/depscan-linux-amd64 -t docker -i $i --reports-dir results/dep-$i --no-error
          echo "----------------------"
        done
        ls -ltr results
      env:
        VDB_HOME: depscan
        COLUMNS: 270
    - uses: actions/upload-artifact@v1
      with:
        path: ./results
        name: depscan-results3

  tester4:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: Trim CI agent
      run: |
        chmod +x free_disk_space.sh
        ./free_disk_space.sh
    - name: Download dep-scan
      run: |
        oras pull ghcr.io/appthreat/vdb:v5 -o $VDB_HOME
        oras pull ghcr.io/owasp-dep-scan/dep-scan:v5 -o $VDB_HOME
        chmod +x ./depscan/depscan-linux-amd64
      env:
        VDB_HOME: depscan
    - name: Perform scan
      run: |
        mkdir -p results
        for i in `cat repo-list-4.txt`; do
          echo "Scanning image $i"
          ./depscan/depscan-linux-amd64 -t docker -i $i --reports-dir results/dep-$i --no-error
          echo "----------------------"
        done
        ls -ltr results
      env:
        VDB_HOME: depscan
        COLUMNS: 270
    - uses: actions/upload-artifact@v1
      with:
        path: ./results
        name: depscan-results4