Skip to content

Action for performing anchore scans using Action js toolkit

License

Notifications You must be signed in to change notification settings

nurmi/anchore-scan-action

Repository files navigation

Create a JavaScript Action

Use this template to bootstrap the creation of a JavaScript action.:rocket:

This template includes tests, linting, a validation workflow, publishing, and versioning guidance.

If you are new, there's also a simpler introduction. See the Hello World JavaScript Action

Create an action from this template

Click the Use this Template and provide the new repo details for your action

Code in Master

Install the dependencies

$ npm install

Run the tests ✔️

$ npm test

 PASS  ./index.test.js
  ✓ throws invalid number (3ms)
  ✓ wait 500 ms (504ms)
  ✓ test runs (95ms)

...

Change action.yml

The action.yml contains defines the inputs and output for your action.

Update the action.yml with your name, description, inputs and outputs for your action.

See the documentation

Change the Code

Most toolkit and CI/CD operations involve async operations so the action is run in an async function.

const core = require('@actions/core');
...

async function run() {
  try { 
      ...
  } 
  catch (error) {
    core.setFailed(error.message);
  }
}

run()

See the toolkit documentation for the various packages.

Publish to a distribution branch

Actions are run from GitHub repos. We will create a releases branch and only checkin production modules (core in this case).

Comment out node_modules in .gitignore and create a releases/v1 branch

# Dependency directories
# node_modules/
$ git checkout -b releases/v1
$ git commit -a -m "prod dependencies"
$ npm prune --production
$ git add node_modules
$ git commit -a -m "prod dependencies"
$ git push origin releases/v1

Your action is now published! 🚀

See the versioning documentation

Validate

You can now validate the action by referencing the releases/v1 branch

uses: actions/javascript-action@releases/v1
with:
  milliseconds: 1000

See the actions tab for runs of this action! 🚀

Usage:

After testing you can create a v1 tag to reference the stable and tested action

uses: actions/javascript-action@v1
with:
  milliseconds: 1000

About

Action for performing anchore scans using Action js toolkit

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published