# This is a basic workflow to help you get started with Actions

name: Build

# Controls when the action will run.

on: [push, pull_request, workflow_dispatch]

# A workflow run is made up of one or more jobs that can run sequentially or in parallel

jobs:

# This workflow contains a single job called "build"

build:

# The type of runner that the job will run on

runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job

steps:

# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it

- uses: actions/checkout@v2

- name: Build and test the image

run: ./tests.sh

- name: Scan the image

uses: anchore/scan-action@v2

with:

image: "mendhak/http-https-echo:latest"

debug: false

acs-report-enable: true

- name: Upload Anchore Scan ACS Report

uses: github/codeql-action/upload-sarif@v1

with:

sarif_file: results.sarif