Skip to content
check

GitHub Action

tern-action

v1.3.0 Latest version

tern-action

check

tern-action

Runs the VMWARE's tern over docker images

Installation

Copy and paste the following snippet into your .yml file.

              

- name: tern-action

uses: philips-labs/[email protected]

Learn more about this action in philips-labs/tern-action

Choose a version

GitHub Action to VMWARE's tern!

Marketplace Release .github/workflows/lint.yml

This Action wraps tern allowing scanning of your docker images!

Contents

Inputs

image

Required docker image to scan. Example: alpine:latest

format

Output format. Can be either: json, html, spdxtagvalue, spdxjson, yaml or human

Optional defaults to json

output

Optional Name of the output file. Defaults to tern.<format>

Outputs

output

output JSON string

file

output JSON file.

Environment Variables

Example Usage

Vanilla

tern CLI will automatically scan your image`:

name: build 
on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: philips-labs/[email protected]
        id: scan
        with:
          image: alpine:latest
          format: yaml
          output: alpine.yaml
      - uses: actions/upload-artifact@v2
        with:
          name: tern 
          path: ${{ steps.scan.outputs.file }} 

Examples

example repo

Contributors

Thanks goes to these contributors!

License

MIT License