vulnerability-scan.yml

name: "DIAM Vulnerability Scan"

on:
  push:
    branches:
      - develop

  pull_request:
    branches:
      - main
      - test
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4
      - name: Login to Openshift Docker Registry Gold
        uses: docker/login-action@v1
        with:
          registry: image-registry.apps.gold.devops.gov.bc.ca
          username: ${{ secrets.OC_USERNAME }}
          password: ${{ secrets.OC_PASSWORD_VAULT_SA }}

      - name: Vulnerability Scan Frontend
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/pidp-frontend:develop
      - name: Vulnerability Scan WebApi
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/pidp-webapi:develop
      - name: Vulnerability Scan CaseMgmt
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/edt-casemgmt:develop
      - name: Vulnerability Scan Notification
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/jum-notification:develop
      - name: Vulnerability Scan Disclosure
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/edt-disclosure:develop
      - name: Vulnerability Scan EDT Core
        uses: Azure/container-scan@v0
        continue-on-error: true
        with:
          image-name: image-registry.apps.gold.devops.gov.bc.ca/${{ secrets.LICENSE_PLATE }}-tools/edt-service:develop