I would like to set up github actions in order to perform security scans on docker images. However, the build and push of the image I would like to scan is made by CircleCI. Hence I need to make sure that the images have been properly built and pushed on my repo before performing the security scan.
I know there exists an action to trigger a CircleCI job, but is there any way to trigger the execution of my Github action from Circle CI?
Thank you for the answers or any workaround you could provide:)
You could use a repository dispatch event from you CircleCI pipeline to start a repository workflow (through CURL or through a script).
In that case, your Github repository workflow file will need a repository_dispatch event to trigger it, to perform your security scan job.
Dispatch Request Example
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<USERNAME>/<REPOSITORY-NAME>/dispatches \
-d '{"event_type":"event_type"}'
Workflow Trigger Example
on: [repository_dispatch]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- name: security scan
run:|
...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.