Skip to content

AccuKnox Container Scan

Actions
Scan Docker images using AccuKnox and push the results to the CSPM panel
v0.0.1
Latest
By accuknox
Verified creator
Star (14)

Tags

 (2)
securitycontainer-ci

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Automate Container Image Security Scanning with AccuKnox GitHub Action

Learn More

Input Values Description Optional/Required Default Values
dockerfile_context The context of the Dockerfile to use for building the image. Optional Dockerfile
endpoint The URL of the CSPM panel to push the scan results to. Optional cspm.demo.accuknox.com
token The token for authenticating with the CSPM panel. Required -
tenant_id The ID of the tenant associated with the CSPM panel. Required -
repository_name Docker image repository name. Required -
tag Add version tag to the repository. Optional ${{ github.run_id }}
severity Allows selection of severity level for the scan. Options include UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL. Optional UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL
exit_code Specifies pipeline behavior upon detecting specified severity level. '0' (continue) or '1' (halt). Optional 0
label The label created in AccuKnox SaaS for associating scan results. Required -

Usage

Steps for using Install-action in a workflow yaml file

  • Checkout into the repo using checkout action.
  • Utilize the accuknox/container-scan-action repository with version tag v0.0.1.

Token Generation from Accuknox SaaS and Viewing Tenant ID

Navigate to Tokens within the Settings section in the sidebar: 1

Click on Create Token: After clicking on 'Create Token,' the Tenant ID will be visible. 2

Click on Generate: 3

workflow steps:

 - name: Run AccuKnox CSPM Scan
        uses: accuknox/[email protected]
        with:
          token:
          tenant_id:                       #Required
          repository_name:                 #Required
          label:                           #Required
          endpoint:                        #Optional
          tag:                             #Optional
          exit_code:                       #Optional
          severity:                        #Optional
          dockerfile_context:              #Optional

Minimalist Sample Configuration

name: AccuKnox Scan Workflow

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

jobs:
  accuknox-cicd:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@main

      - name: Run AccuKnox CSPM Scan
        uses: accuknox/[email protected]
        with:
          token: ${{ secrets.TOKEN }}
          tenant_id: ${{ secrets.TENANT_ID }}
          repository_name: ${{ github.repository }}
          label: ${{ secrets.LABEL }}

Contributors (2)

@udit-uniyal@raviknox

Resources

AccuKnox Container Scan is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

About

Scan Docker images using AccuKnox and push the results to the CSPM panel
v0.0.1
Latest
By accuknox

Verified

GitHub has manually verified the creator of the action as an official partner organization. For more info see About badges in GitHub Marketplace.

Tags

 (2)
securitycontainer-ci

Contributors (2)

@udit-uniyal@raviknox

Resources

AccuKnox Container Scan is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.