What is the best / recommended approach with recommendations and matrix testing when some images might not have base images which results into image has no base image exit and non-zero exit code?
Currently I've split cves and recommendations to own steps as follows:
- name: Image CVEs
uses: docker/scout-action@f8c776824083494ab0d56b8105ba2ca85c86e4de # v1.18.2
with:
command: cves
image: ${{ vars.IMAGE }}
only-severities: ${{ inputs.severities || 'critical,high' }}
only-fixed: true
summary: true
format: json
exit-code: true
- name: Image recommendations
uses: docker/scout-action@f8c776824083494ab0d56b8105ba2ca85c86e4de # v1.18.2
continue-on-error: true
with:
command: recommendations
image: ${{ vars.IMAGE }}
only-severities: ${{ inputs.severities || 'critical,high' }}
only-fixed: true
summary: true
format: json
What is the best / recommended approach with recommendations and matrix testing when some images might not have base images which results into
image has no base image exitand non-zero exit code?Currently I've split
cvesandrecommendationsto own steps as follows: