Merge pull request #7 from StatCan/115-leverage-dockle

feat(workflows): integrate dockle

.github/workflows/publish.yml

@@ -43,7 +43,6 @@ jobs:
       run: |
         docker build -f Dockerfile -t localhost:5000/s3proxy:${{ github.sha }} .
         docker push localhost:5000/s3proxy:${{ github.sha }}
-        docker rmi localhost:5000/s3proxy:${{ github.sha }}
         docker image prune
 
     # Scan image for vulnerabilities
@@ -52,10 +51,19 @@ jobs:
         curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin ${{ env.TRIVY_VERSION }}
         trivy image localhost:5000/s3proxy:${{ github.sha }} --exit-code 1 --timeout=20m --security-checks vuln --severity CRITICAL
 
-
+    # Run Dockle
+    - name: Run dockle
+      uses: goodwithtech/dockle-action@main
+      with:
+        image: localhost:5000/s3proxy:${{ github.sha }}
+        format: 'list'
+        exit-code: '0'
+        exit-level: 'fatal'
+        ignore: 'DKL-DI-0006'
+
     # Push if passed scanning
     - name: Push image to registry
       run: |
         docker pull localhost:5000/profiles-controller:${{ github.sha }}
         docker tag localhost:5000/profiles-controller:${{ github.sha }} ${{ env.REGISTRY_NAME }}.azurecr.io/s3proxy:${{ github.sha }}
-        docker push ${{ env.REGISTRY_NAME }}.azurecr.io/s3proxy:${{ github.sha }}
+        docker push ${{ env.REGISTRY_NAME }}.azurecr.io/s3proxy:${{ github.sha }}