README.md

aactl as builder in GitHub Actions (GHA)

In addition to being used as a CLI, aactl can also be used as a builder.

inputs

• project - (required) GCP Project ID
• digest - (required) Image digest
• file - (required) Path to the vulnerability file
• format - (required) Format of the vulnerability file

usage

Below example, shows how to import vulnerabilities from previously generated report.

Make sure to use the latest tag release from here

uses: GoogleCloudPlatform/aactl@v0.3.4`
with:
  type: vulnerability
  project: ${{ env.PROJECT_ID }}
  digest: ${{ steps.build.outputs.digest }}
  file: ${{ steps.scan.outputs.output }}
  format: ${{ steps.scan.outputs.format }}

Fully working example can be found in .github/workflows/import.yaml.