refactor: improve action

Author: pedrokiefer

.github/workflows/ci.yaml

@@ -0,0 +1,95 @@
+name: ci
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  clamavScan:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        with:
+          path: action
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          version: latest
+          driver-opts: network=host
+
+      -
+        name: Build vulnerable image
+        uses: docker/build-push-action@v2
+        with:
+          file: ./test/Dockerfile
+          push: true
+          tags: |
+            localhost:5000/vulnerable/app:latest
+            localhost:5000/vulnerable/app:1.0.0
+
+      -
+        name: Run X9
+        id: x9_run_with_virus
+        continue-on-error: true
+        uses: ./action
+        with:
+          image: localhost:5000/vulnerable/app:latest
+          ignoreThreats: false
+      -
+        name: Check
+        run: |
+          echo "${{ toJson(steps.x9_run_with_virus) }}"
+          if [ "${{ steps.x9_run_with_virus.outcome }}" != "failure" ] || [ "${{ steps.x9_run_with_virus.conclusion }}" != "success" ]; then
+            echo "::error::Should have failed"
+            exit 1
+          fi
+      -
+        name: Dump context
+        if: always()
+        uses: crazy-max/ghaction-dump-context@v1
+
+  trivyScan:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+        with:
+          path: action
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      -
+        name: Run X9
+        id: x9_run_with_vulnerabilities
+        continue-on-error: true
+        uses: ./action
+        with:
+          image: node:10.8.0-jessie
+          ignoreThreats: false
+      -
+        name: Check
+        run: |
+          echo "${{ toJson(steps.x9_run_with_vulnerabilities) }}"
+          if [ "${{ steps.x9_run_with_vulnerabilities.outcome }}" != "failure" ] || [ "${{ steps.x9_run_with_vulnerabilities.conclusion }}" != "success" ]; then
+            echo "::error::Should have failed"
+            exit 1
+          fi
+      -
+        name: Dump context
+        if: always()
+        uses: crazy-max/ghaction-dump-context@v1

.github/workflows/test.yaml

@@ -0,0 +1,32 @@
+name: test
+
+on:
+  push:
+    branches:
+      - 'main'
+  pull_request:
+    branches:
+      - 'main'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Validate
+        uses: docker/bake-action@v1
+        with:
+          targets: validate
+      -
+        name: Test
+        uses: docker/bake-action@v1
+        with:
+          targets: test
+      -
+        name: Upload coverage
+        uses: codecov/codecov-action@v1
+        with:
+          file: ./coverage/clover.xml

.gitignore

@@ -0,0 +1,3 @@
+node_modules
+coverage
+lib

.prettierrc.json

@@ -0,0 +1,11 @@
+{
+  "printWidth": 240,
+  "tabWidth": 2,
+  "useTabs": false,
+  "semi": true,
+  "singleQuote": true,
+  "trailingComma": "none",
+  "bracketSpacing": false,
+  "arrowParens": "avoid",
+  "parser": "typescript"
+}