ci: test vulnerability checking workflow

telicent-oss · May 21, 2024 · ce4b506 · ce4b506
1 parent 0314d6c
commit ce4b506
Showing 1 changed file with 25 additions and 26 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -61,38 +61,37 @@ jobs:
       - run: mkdir reports
       - run: yarn test:ci
 
-  publish_build_image_to_registries:
-    needs:
-      - integrated_tests
-      - get_variables
-    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
+  run_vulnerability_scan_on_repo:
+    uses: telicent-oss/shared-workflows/.github/workflows/vulnerability-scanning-on-repo.yml@TELFE-187
     with:
       APP_NAME: ${{ needs.get_variables.outputs.app_name }}
-      DOCKERFILE: Dockerfile.build
-      PATH: .
-      VERSION: ${{ needs.get_variables.outputs.version }}
-      VERSION_SUFFIX: -build
-      IMAGE_SUFFIX: -build
     secrets: inherit
 
-  publish_deployment_image_to_registries:
-    needs:
-      - integrated_tests
-      - get_variables
-      - publish_build_image_to_registries
-    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
-    with:
-      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
-      DOCKERFILE: Dockerfile
-      PATH: .
-      VERSION: ${{ needs.get_variables.outputs.version }}
-    secrets: inherit
-
-  # Add back in once the vulnerability workflows are complete in OSS
-  #  trigger_owasp_dependency_check:
+  # Do not run while testing vulnerability-scanning-on-repo
+  #
+  #  publish_build_image_to_registries:
+  #    needs:
+  #      - integrated_tests
+  #      - get_variables
+  #    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
+  #    with:
+  #      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
+  #      DOCKERFILE: Dockerfile.build
+  #      PATH: .
+  #      VERSION: ${{ needs.get_variables.outputs.version }}
+  #      VERSION_SUFFIX: -build
+  #      IMAGE_SUFFIX: -build
+  #    secrets: inherit
+  #
+  #  publish_deployment_image_to_registries:
   #    needs:
+  #      - integrated_tests
+  #      - get_variables
   #      - publish_build_image_to_registries
-  #    uses: telicent-oss/shared-workflows/.github/workflows/dependency_tracking.yml@main
+  #    uses: telicent-oss/shared-workflows/.github/workflows/docker-push-to-registries.yml@main
   #    with:
   #      APP_NAME: ${{ needs.get_variables.outputs.app_name }}
+  #      DOCKERFILE: Dockerfile
+  #      PATH: .
+  #      VERSION: ${{ needs.get_variables.outputs.version }}
   #    secrets: inherit