Skip to content

v1.2.0

Marketplace
Marketplace

Choose a tag to compare

View all tags
@bluesentinelsec bluesentinelsec released this 26 Nov 18:41
· 9 commits to main since this release
v1.2.0
8c2d4d7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

This release adds support for scanning multi-arch container images.

To use this feature, specify the OS and CPU platform matching the image you wish to scan by adding the platform argument to your workflows, as shown below:

      - name: Scan built image with Inspector
        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1
        id: inspector
        with:
          artifact_type: 'container'
          artifact_path: 'alpine:latest'
          ...
          platform: "linux/arm64/v8"
          sbomgen_version: "latest"

If platform is unspecified, this action will default to the OS/CPU platform that matches the GitHub Actions runner.

⚠️ This workflow requires inspector-sbomgen versions greater than or equal to 1.5.2.

Assets 2
Loading
0 Join discussion