Mid-phase: Container Image Scan
The Mid-phase scan inspects your container images (e.g., Docker) for known vulnerabilities in the OS packages and application libraries they contain. This is typically run after a successful build and push to a container registry.
Example Workflow: Container Scan
jobs:
  container-scan:
    name: Mid-phase - Container Scan
    runs-on: ubuntu-latest
    steps:
      - name: Run SecureCI Mid-phase Scan
        uses: clockhash-kiran/scan-actions/mid-phase@main
        with:
          target_url: 'nginx:latest'
          user_id: 'YOUR_USER_ID'
          project_id: 'YOUR_PROJECT_ID'
          api_token: ${{ secrets.SECURECI_API_TOKEN }}