Go To All Steps
Codefresh Steps: Reusable Code for Common Operations
This page provides code you can use to perform common operations in the Codefresh CI/CD platform.
21

google-container-analysis google-container-analysis

Invokes scan using gcloud, confirms threshold is not reached. Pass or fail based on exceeding threshold

arguments

  • CVSS_SCORE - Threshold by CVSS Score, overrides THRESHOLD
  • GOOGLE_LOCATION - Google Artifact Registry Location.
  • GOOGLE_PROJECT - Google Project Name.
  • GOOGLE_SA_JSON_BASE64 - SA.json file contents (base64 encoded) for service account user.
  • IMAGE - Fully qualified image. Domain + Image + Tag
  • THRESHOLD - Threshold of scan.
  • WORKING_DIRECTORY - Directory where scan files will be placed
    DockerImageScan:
  type: google-container-analysis
  arguments:
    IMAGE: 'us-docker.pkg.dev/project/repository/image:tag'
    THRESHOLD: MEDIUM
    GOOGLE_SA_JSON_BASE64: ewogICJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIsCiAgInByb2p...
github.com
Dustin Van Buskirk
Nov 4, 2021
source