Skip to content
CI Pull Request on Main Branch

CHEF-33010 Added grype scan config #2

Sign in to view logs

CHEF-33010 Added grype scan config

CHEF-33010 Added grype scan config #2

Triggered via pull request March 26, 2026 18:03
@Nik08Nik08
synchronize #38
nm/grype-scan-flags-inspec7
Status Success
Total duration 2m 4s
Artifacts 7

ci-main-pull-request-stub.yml

on: pull_request
Detect custom properties
5s
Detect custom properties
Echo stub version
4s
Echo stub version
call-ci-main-pr-check-pipeline  /  Checkout repository
3s
call-ci-main-pr-check-pipeline / Checkout repository
call-ci-main-pr-check-pipeline  /  Pre-compilation checks
3s
call-ci-main-pr-check-pipeline / Pre-compilation checks
call-ci-main-pr-check-pipeline  /  Build/compilation and unit tests (CI)
47s
call-ci-main-pr-check-pipeline / Build/compilation and unit tests (CI)
call-ci-main-pr-check-pipeline  /  ...  /  Export SBOM from GitHub Dependency Graph API
6s
call-ci-main-pr-check-pipeline / Generating SBOM / Export SBOM from GitHub Dependency Graph API
call-ci-main-pr-check-pipeline  /  ...  /  Blackduck SCA Scan (PURPLE)
1m 42s
call-ci-main-pr-check-pipeline / Generating SBOM / Blackduck SCA Scan (PURPLE)
call-ci-main-pr-check-pipeline  /  ...  /  Generate MSFT SBOM
0s
call-ci-main-pr-check-pipeline / Generating SBOM / Generate MSFT SBOM
call-ci-main-pr-check-pipeline  /  ...  /  license_scout
0s
call-ci-main-pr-check-pipeline / Generating SBOM / license_scout
call-ci-main-pr-check-pipeline  /  ...  /  Complexity and SLOC generation
20s
call-ci-main-pr-check-pipeline / Source code complexity checks / Complexity and SLOC generation
call-ci-main-pr-check-pipeline  /  Language-specific pre-compilation steps and linting
4s
call-ci-main-pr-check-pipeline / Language-specific pre-compilation steps and linting
call-ci-main-pr-check-pipeline  /  Language-agnostic pre-compilation steps
5s
call-ci-main-pr-check-pipeline / Language-agnostic pre-compilation steps
call-ci-main-pr-check-pipeline  /  ...  /  Trufflehog
13s
call-ci-main-pr-check-pipeline / Trufflehog scan / Trufflehog
call-ci-main-pr-check-pipeline  /  Grype scan
36s
call-ci-main-pr-check-pipeline / Grype scan
call-ci-main-pr-check-pipeline  /  ...  /  BlackDuck Polaris SAST scan
call-ci-main-pr-check-pipeline / BlackDuck Polaris SAST scan / BlackDuck Polaris SAST scan
call-ci-main-pr-check-pipeline  /  ...  /  Grype vulnerability scan
call-ci-main-pr-check-pipeline / Grype Docker image scan / Grype vulnerability scan
call-ci-main-pr-check-pipeline  /  ...  /  Grype scan (Linux)
call-ci-main-pr-check-pipeline / Grype scan Habitat packages from bldr.habitat.sh / Grype scan (Linux)
call-ci-main-pr-check-pipeline  /  ...  /  Grype scan (MacOS)
call-ci-main-pr-check-pipeline / Grype scan Habitat packages from bldr.habitat.sh / Grype scan (MacOS)
call-ci-main-pr-check-pipeline  /  ...  /  Grype scan (Windows)
call-ci-main-pr-check-pipeline / Grype scan Habitat packages from bldr.habitat.sh / Grype scan (Windows)
call-ci-main-pr-check-pipeline  /  Creating packaged binaries
0s
call-ci-main-pr-check-pipeline / Creating packaged binaries
call-ci-main-pr-check-pipeline  /  Detect SBOM version for application
0s
call-ci-main-pr-check-pipeline / Detect SBOM version for application
Matrix: call-ci-main-pr-check-pipeline / Unit tests
call-ci-main-pr-check-pipeline  /  ...  /  irfan
call-ci-main-pr-check-pipeline / Reporting to quality dashboard / irfan
call-ci-main-pr-check-pipeline  /  Creating Habitat packages
call-ci-main-pr-check-pipeline / Creating Habitat packages
call-ci-main-pr-check-pipeline  /  Publishing Habitat packages to Builder
call-ci-main-pr-check-pipeline / Publishing Habitat packages to Builder
call-ci-main-pr-check-pipeline  /  Publishing packages
call-ci-main-pr-check-pipeline / Publishing packages
call-ci-main-pr-check-pipeline  /  Grype scan of Habitat packages
0s
call-ci-main-pr-check-pipeline / Grype scan of Habitat packages
call-ci-main-pr-check-pipeline  /  Grype scan of Habitat packages (Windows)
0s
call-ci-main-pr-check-pipeline / Grype scan of Habitat packages (Windows)
Fit to window
Zoom out
Zoom in

Annotations

1 error and 5 warnings
call-ci-main-pr-check-pipeline / Build/compilation and unit tests (CI)
Process completed with exit code 1.
Detect custom properties
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/checkout@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
call-ci-main-pr-check-pipeline / Generating SBOM / Export SBOM from GitHub Dependency Graph API
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/upload-artifact@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
call-ci-main-pr-check-pipeline / Source code complexity checks / Complexity and SLOC generation
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/upload-artifact@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
call-ci-main-pr-check-pipeline / Grype scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/upload-artifact@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
call-ci-main-pr-check-pipeline / Generating SBOM / Blackduck SCA Scan (PURPLE)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/upload-artifact@v4, blackduck-inc/black-duck-security-scan@v2.1.1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Artifacts

Produced during runtime
Name Size Digest
grype-scan-inspec-docker-resources-20260326-180432
2.06 KB
sha256:208617384fc547fc4c951918490db14b8d98a46afcf5c4622d0c8895cbf79f32
inspec-docker-resources-Gemfile-lock.txt
4.94 KB
sha256:d0a40751b55fae49008ee27db284d01e727ab1c9c46515d6efa8fcffde8781e4
inspec-inspec-docker-resources-20260326180402-GitHub-sbom.json
1.29 KB
sha256:da06fc8f0749c9f1923965e875bc369c33d59637ec37a117f343e0d8a639ebc8
inspec-inspec-docker-resources-38-merge-20260326180416-scc-complexity.html
1.92 KB
sha256:e3b33b3e86d3803b8f77fa1dd4ac62e5cc85219a4e26d740ca41ff31ff610091
inspec-inspec-docker-resources-38-merge-20260326180416-scc-complexity.json
2.03 KB
sha256:be3056ec4007830a4a9432103e6638339f817c9f401b7c0f636a37dc21959195
inspec-inspec-docker-resources-38-merge-20260326180416-scc-complexity.txt
681 Bytes
sha256:4488f247d65c6417bd6b5283952347980b0557f975c63ed36d919480310222c1
inspec-inspec-docker-resources-38-merge-7.1.5-20260326180402-GitHub-sbom.csv
711 Bytes
sha256:4d641e9b4ce9b3af60b59c31448750e5516f59e01c5ebf10df204243b8249d96