Update Netflix.yml

Googleoy · Feb 11, 2024 · fef5d7e · fef5d7e
1 parent b8832b6
commit fef5d7e
Showing 1 changed file with 18 additions and 2 deletions.
diff --git a/.github/workflows/Netflix.yml b/.github/workflows/Netflix.yml
@@ -1,4 +1,4 @@
-name: Build
+name: Build,Analyze,Scan
 
 on:
   push:
@@ -7,7 +7,7 @@ on:
 
 
 jobs:
-  build:
+  build-analyze-scan:
     name: Build
     runs-on: ubuntu-latest
     steps:
@@ -18,6 +18,22 @@ jobs:
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+      - name: install trivy
+        run: |
+           #install trivy
+            sudo apt-get install wget apt-transport-https gnupg lsb-release -y
+            wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
+            echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+            sudo apt-get update
+            sudo apt-get install trivy -y
+            #command to scan files
+            trivy fs .
+           
+      
+
+
+
       # If you wish to fail your job when the Quality Gate is red, uncomment the
       # following lines. This would typically be used to fail a deployment.
       # - uses: sonarsource/sonarqube-quality-gate-action@master