diff --git a/.github/workflows/patched.yml b/.github/workflows/patched.yml index 4fdbdd3..497d162 100644 --- a/.github/workflows/patched.yml +++ b/.github/workflows/patched.yml @@ -3,7 +3,7 @@ name: "aws-lambda-ruby-patched:3.2" on: pull_request: paths: - - "./Dockerfile-ruby3.2-patched" + - "Dockerfile-ruby3.2-patched" jobs: build-and-push: @@ -31,22 +31,22 @@ jobs: uses: docker/build-push-action@v6 with: context: . - file: ./bigquery/Dockerfile4parquet + file: ./Dockerfile-ruby3.2-patched push: true platforms: linux/amd64,linux/arm64 - tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ inputs.job-name }} - - name: Scan - id: scan - uses: anchore/scan-action@v6 - continue-on-error: true - with: - image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ inputs.job-name }} - fail-build: true - output-format: sarif - severity-cutoff: low - add-cpes-if-none: true - - name: Update PR with vulnerability scan results - uses: forward3d/comment-failure-details@v1.0.0 - with: - report: ${{ steps.scan.outputs.sarif }} - image-name: ${{ inputs.job-name }} + tags: ${{ secrets.DOCKER_HUB_USERNAME }}/aws-lambda-ruby-patched:3.2 + # - name: Scan + # id: scan + # uses: anchore/scan-action@v6 + # continue-on-error: true + # with: + # image: ${{ secrets.DOCKER_HUB_USERNAME }}/aws-lambda-ruby-patched:3.2 + # fail-build: true + # output-format: sarif + # severity-cutoff: low + # add-cpes-if-none: true + # - name: Update PR with vulnerability scan results + # uses: forward3d/comment-failure-details@v1.0.0 + # with: + # report: ${{ steps.scan.outputs.sarif }} + # image-name: aws-lambda-ruby-patched:3.2 diff --git a/Dockerfile-ruby3.2-patched b/Dockerfile-ruby3.2-patched index ab3b0ef..c138693 100644 --- a/Dockerfile-ruby3.2-patched +++ b/Dockerfile-ruby3.2-patched @@ -1,4 +1,4 @@ -# GoBuilder +# Go Builder # Use an official Go image that has the security fix (>=1.24.6). # We use -alpine to keep the builder stage small and fast. #