Skip to content
This repository was archived by the owner on Jun 16, 2026. It is now read-only.

Commit e33acf1

Browse files
committed
threading scanner-image
1 parent 41d4b0b commit e33acf1

6 files changed

Lines changed: 68 additions & 2 deletions

File tree

.github/workflows/code-scanning.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,12 @@ on:
4040
required: false
4141
default: true
4242

43+
scanner-image:
44+
type: string
45+
required: false
46+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
47+
description: "The DevGuard scanner image to use."
48+
4349
secrets:
4450
devguard-token:
4551
description: 'DevGuard API token'
@@ -55,6 +61,7 @@ jobs:
5561
path: ${{ inputs.path }}
5662
web-ui: ${{ inputs.web-ui }}
5763
continue-on-open-code-risk: ${{ inputs.continue-on-open-code-risk }}
64+
scanner-image: ${{ inputs.scanner-image }}
5865
secrets:
5966
devguard-token: ${{ secrets.devguard-token }}
6067

@@ -66,6 +73,7 @@ jobs:
6673
path: ${{ inputs.path }}
6774
web-ui: ${{ inputs.web-ui }}
6875
continue-on-open-code-risk: ${{ inputs.continue-on-open-code-risk }}
76+
scanner-image: ${{ inputs.scanner-image }}
6977
secrets:
7078
devguard-token: ${{ secrets.devguard-token }}
7179

@@ -77,6 +85,7 @@ jobs:
7785
path: ${{ inputs.path }}
7886
web-ui: ${{ inputs.web-ui }}
7987
continue-on-open-code-risk: ${{ inputs.continue-on-open-code-risk }}
88+
scanner-image: ${{ inputs.scanner-image }}
8089
secrets:
8190
devguard-token: ${{ secrets.devguard-token }}
8291

@@ -89,5 +98,6 @@ jobs:
8998
fail-on-risk: ${{ inputs.fail-on-risk }}
9099
fail-on-cvss: ${{ inputs.fail-on-cvss }}
91100
web-ui: ${{ inputs.web-ui }}
101+
scanner-image: ${{ inputs.scanner-image }}
92102
secrets:
93103
devguard-token: ${{ secrets.devguard-token }}

.github/workflows/container-lifecycle-nix.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,12 @@ on:
7373
required: false
7474
type: string
7575

76+
scanner-image:
77+
type: string
78+
required: false
79+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
80+
description: "The DevGuard scanner image to use."
81+
7682
secrets:
7783
devguard-token:
7884
required: true
@@ -135,6 +141,7 @@ jobs:
135141
fail-on-cvss: ${{ inputs.fail-on-cvss }}
136142
fail-on-risk: ${{ inputs.fail-on-risk }}
137143
image-suffix: ${{ inputs.artifact-name-suffix }}
144+
scanner-image: ${{ inputs.scanner-image }}
138145
secrets:
139146
devguard-token: ${{ secrets.devguard-token }}
140147

@@ -149,6 +156,7 @@ jobs:
149156
asset-name: ${{ inputs.asset-name }}
150157
api-url: ${{ inputs.api-url }}
151158
image-suffix: ${{ inputs.artifact-name-suffix }}
159+
scanner-image: ${{ inputs.scanner-image }}
152160
secrets:
153161
devguard-token: ${{ secrets.devguard-token }}
154162

@@ -164,6 +172,7 @@ jobs:
164172
api-url: ${{ inputs.api-url }}
165173
artifact-name: ${{ needs.build-image.outputs.artifact-purl }}
166174
image-suffix: ${{ inputs.artifact-name-suffix }}
175+
scanner-image: ${{ inputs.scanner-image }}
167176
secrets:
168177
devguard-token: ${{ secrets.devguard-token }}
169178

@@ -179,5 +188,6 @@ jobs:
179188
api-url: ${{ inputs.api-url }}
180189
artifact-name: ${{ needs.build-image.outputs.artifact-purl }}
181190
image-suffix: ${{ inputs.artifact-name-suffix }}
191+
scanner-image: ${{ inputs.scanner-image }}
182192
secrets:
183193
devguard-token: ${{ secrets.devguard-token }}

.github/workflows/container-lifecycle.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,12 @@ on:
6464
type: string
6565
required: false
6666

67+
scanner-image:
68+
type: string
69+
required: false
70+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
71+
description: "The DevGuard scanner image to use."
72+
6773
secrets:
6874
devguard-token:
6975
description: 'DevGuard API token'
@@ -88,6 +94,7 @@ jobs:
8894
disable-artifact-registry-as-image-store: ${{ inputs.disable-artifact-registry-as-image-store }}
8995
artifact-name: ${{ inputs.artifact-name }}
9096
image-suffix: ${{ inputs.image-suffix }}
97+
scanner-image: ${{ inputs.scanner-image }}
9198
secrets:
9299
devguard-token: ${{ secrets.devguard-token }}
93100
build-args: ${{ secrets.build-args }}
@@ -105,6 +112,7 @@ jobs:
105112
web-ui: ${{ inputs.web-ui }}
106113
artifact-name: ${{ inputs.artifact-name }}
107114
image-suffix: ${{ inputs.image-suffix }}
115+
scanner-image: ${{ inputs.scanner-image }}
108116
secrets:
109117
devguard-token: ${{ secrets.devguard-token }}
110118

@@ -117,6 +125,7 @@ jobs:
117125
api-url: ${{ inputs.api-url }}
118126
image-already-in-registry: ${{ inputs.disable-artifact-registry-as-image-store }}
119127
image-suffix: ${{ inputs.image-suffix }}
128+
scanner-image: ${{ inputs.scanner-image }}
120129
secrets:
121130
devguard-token: ${{ secrets.devguard-token }}
122131

@@ -129,6 +138,7 @@ jobs:
129138
asset-name: ${{ inputs.asset-name }}
130139
artifact-name: ${{ inputs.artifact-name }}
131140
image-suffix: ${{ inputs.image-suffix }}
141+
scanner-image: ${{ inputs.scanner-image }}
132142
secrets:
133143
devguard-token: ${{ secrets.devguard-token }}
134144

@@ -141,5 +151,6 @@ jobs:
141151
asset-name: ${{ inputs.asset-name }}
142152
artifact-name: ${{ inputs.artifact-name }}
143153
image-suffix: ${{ inputs.image-suffix }}
154+
scanner-image: ${{ inputs.scanner-image }}
144155
secrets:
145156
devguard-token: ${{ secrets.devguard-token }}

.github/workflows/full-nix.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,11 @@ on:
8484
required: false
8585
type: string
8686
default: 'garage'
87+
scanner-image:
88+
type: string
89+
required: false
90+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
91+
description: "The DevGuard scanner image to use."
8792
secrets:
8893
devguard-token:
8994
required: true
@@ -163,6 +168,7 @@ jobs:
163168
fail-on-cvss: ${{ inputs.fail-on-cvss }}
164169
fail-on-risk: ${{ inputs.fail-on-risk }}
165170
image-suffix: ${{ inputs.artifact-name-suffix }}-amd64
171+
scanner-image: ${{ inputs.scanner-image }}
166172
secrets:
167173
devguard-token: ${{ secrets.devguard-token }}
168174

@@ -180,6 +186,7 @@ jobs:
180186
fail-on-cvss: ${{ inputs.fail-on-cvss }}
181187
fail-on-risk: ${{ inputs.fail-on-risk }}
182188
image-suffix: ${{ inputs.artifact-name-suffix }}-arm64
189+
scanner-image: ${{ inputs.scanner-image }}
183190
secrets:
184191
devguard-token: ${{ secrets.devguard-token }}
185192

@@ -194,6 +201,7 @@ jobs:
194201
asset-name: ${{ inputs.asset-name }}
195202
api-url: ${{ inputs.api-url }}
196203
image-suffix: ${{ inputs.artifact-name-suffix }}-amd64
204+
scanner-image: ${{ inputs.scanner-image }}
197205
secrets:
198206
devguard-token: ${{ secrets.devguard-token }}
199207

@@ -208,6 +216,7 @@ jobs:
208216
asset-name: ${{ inputs.asset-name }}
209217
api-url: ${{ inputs.api-url }}
210218
image-suffix: ${{ inputs.artifact-name-suffix }}-arm64
219+
scanner-image: ${{ inputs.scanner-image }}
211220
secrets:
212221
devguard-token: ${{ secrets.devguard-token }}
213222

@@ -277,6 +286,7 @@ jobs:
277286
api-url: ${{ inputs.api-url }}
278287
artifact-name: ${{ needs.build-amd64.outputs.artifact-purl }}
279288
image-suffix: ${{ inputs.artifact-name-suffix }}-amd64
289+
scanner-image: ${{ inputs.scanner-image }}
280290
secrets:
281291
devguard-token: ${{ secrets.devguard-token }}
282292

@@ -292,6 +302,7 @@ jobs:
292302
api-url: ${{ inputs.api-url }}
293303
artifact-name: ${{ needs.build-arm64.outputs.artifact-purl }}
294304
image-suffix: ${{ inputs.artifact-name-suffix }}-arm64
305+
scanner-image: ${{ inputs.scanner-image }}
295306
secrets:
296307
devguard-token: ${{ secrets.devguard-token }}
297308

@@ -307,6 +318,7 @@ jobs:
307318
api-url: ${{ inputs.api-url }}
308319
artifact-name: ${{ needs.build-amd64.outputs.artifact-purl }}
309320
image-suffix: ${{ inputs.artifact-name-suffix }}-amd64
321+
scanner-image: ${{ inputs.scanner-image }}
310322
secrets:
311323
devguard-token: ${{ secrets.devguard-token }}
312324

@@ -322,5 +334,6 @@ jobs:
322334
api-url: ${{ inputs.api-url }}
323335
artifact-name: ${{ needs.build-arm64.outputs.artifact-purl }}
324336
image-suffix: ${{ inputs.artifact-name-suffix }}-arm64
337+
scanner-image: ${{ inputs.scanner-image }}
325338
secrets:
326339
devguard-token: ${{ secrets.devguard-token }}

.github/workflows/full-with-nix.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,11 @@ on:
5555
type: boolean
5656
required: false
5757
default: true
58+
scanner-image:
59+
type: string
60+
required: false
61+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
62+
description: "The DevGuard scanner image to use."
5863
secrets:
5964
devguard-token:
6065
required: true
@@ -80,6 +85,7 @@ jobs:
8085
fail-on-risk: ${{ inputs.fail-on-risk }}
8186
fail-on-cvss: ${{ inputs.fail-on-cvss }}
8287
continue-on-open-code-risk: ${{ inputs.continue-on-open-code-risk }}
88+
scanner-image: ${{ inputs.scanner-image }}
8389
secrets:
8490
devguard-token: ${{ secrets.devguard-token }}
8591

@@ -110,6 +116,7 @@ jobs:
110116
fail-on-cvss: ${{ inputs.fail-on-cvss }}
111117
fail-on-risk: ${{ inputs.fail-on-risk }}
112118
image-suffix: ${{ inputs.artifact-name-suffix }}
119+
scanner-image: ${{ inputs.scanner-image }}
113120
secrets:
114121
devguard-token: ${{ secrets.devguard-token }}
115122

@@ -124,6 +131,7 @@ jobs:
124131
asset-name: ${{ inputs.asset-name }}
125132
api-url: ${{ inputs.api-url }}
126133
image-suffix: ${{ inputs.artifact-name-suffix }}
134+
scanner-image: ${{ inputs.scanner-image }}
127135
secrets:
128136
devguard-token: ${{ secrets.devguard-token }}
129137

@@ -139,6 +147,7 @@ jobs:
139147
api-url: ${{ inputs.api-url }}
140148
artifact-name: ${{ needs.build-image.outputs.artifact-purl }}
141149
image-suffix: ${{ inputs.artifact-name-suffix }}
150+
scanner-image: ${{ inputs.scanner-image }}
142151
secrets:
143152
devguard-token: ${{ secrets.devguard-token }}
144153

@@ -154,5 +163,6 @@ jobs:
154163
api-url: ${{ inputs.api-url }}
155164
artifact-name: ${{ needs.build-image.outputs.artifact-purl }}
156165
image-suffix: ${{ inputs.artifact-name-suffix }}
166+
scanner-image: ${{ inputs.scanner-image }}
157167
secrets:
158168
devguard-token: ${{ secrets.devguard-token }}

.github/workflows/full.yml

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ on:
1717
type: string
1818
required: false
1919
default: "/github/workspace"
20-
20+
2121
web-ui:
2222
type: string
2323
required: false
@@ -75,6 +75,12 @@ on:
7575
default: ''
7676
description: "The name of the artifact you are building. This is useful when a single pipeline builds more than a single artifact like a container with a shell inside and one without. If you build a single artifact - leave it empty."
7777

78+
scanner-image:
79+
type: string
80+
required: false
81+
default: "ghcr.io/l3montree-dev/devguard/scanner:main-latest"
82+
description: "The DevGuard scanner image to use."
83+
7884
secrets:
7985
devguard-token:
8086
description: 'DevGuard API token'
@@ -99,6 +105,7 @@ jobs:
99105
fail-on-risk: ${{ inputs.fail-on-risk }}
100106
fail-on-cvss: ${{ inputs.fail-on-cvss }}
101107
continue-on-open-code-risk: ${{ inputs.continue-on-open-code-risk }}
108+
scanner-image: ${{ inputs.scanner-image }}
102109
secrets:
103110
devguard-token: ${{ secrets.devguard-token }}
104111

@@ -112,6 +119,7 @@ jobs:
112119
disable-artifact-registry-as-image-store: ${{ inputs.disable-artifact-registry-as-image-store }}
113120
artifact-name: ${{ inputs.artifact-name }}
114121
image-suffix: ${{ inputs.image-suffix }}
122+
scanner-image: ${{ inputs.scanner-image }}
115123
secrets:
116124
devguard-token: ${{ secrets.devguard-token }}
117125
build-args: ${{ secrets.build-args }}
@@ -129,6 +137,7 @@ jobs:
129137
web-ui: ${{ inputs.web-ui }}
130138
artifact-name: ${{ inputs.artifact-name }}
131139
image-suffix: ${{ inputs.image-suffix }}
140+
scanner-image: ${{ inputs.scanner-image }}
132141
secrets:
133142
devguard-token: ${{ secrets.devguard-token }}
134143

@@ -144,6 +153,7 @@ jobs:
144153
api-url: ${{ inputs.api-url }}
145154
image-already-in-registry: ${{ inputs.disable-artifact-registry-as-image-store }}
146155
image-suffix: ${{ inputs.image-suffix }}
156+
scanner-image: ${{ inputs.scanner-image }}
147157
secrets:
148158
devguard-token: ${{ secrets.devguard-token }}
149159

@@ -160,6 +170,7 @@ jobs:
160170
asset-name: ${{ inputs.asset-name }}
161171
artifact-name: ${{ inputs.artifact-name }}
162172
image-suffix: ${{ inputs.image-suffix }}
173+
scanner-image: ${{ inputs.scanner-image }}
163174
secrets:
164175
devguard-token: ${{ secrets.devguard-token }}
165176

@@ -176,5 +187,6 @@ jobs:
176187
asset-name: ${{ inputs.asset-name }}
177188
artifact-name: ${{ inputs.artifact-name }}
178189
image-suffix: ${{ inputs.image-suffix }}
190+
scanner-image: ${{ inputs.scanner-image }}
179191
secrets:
180-
devguard-token: ${{ secrets.devguard-token }}
192+
devguard-token: ${{ secrets.devguard-token }}

0 commit comments

Comments
 (0)