From fd37b2635be32ee137467f304d94aab98e3e8784 Mon Sep 17 00:00:00 2001
From: Bartosz Zurkowski
Date: Sun, 11 Sep 2022 17:15:09 +0200
Subject: [PATCH 1/5] Add Docker image scan
Signed-off-by: Bartosz Zurkowski
---
 .github/workflows/integrate.yaml | 5 ++++-
 Makefile | 8 +++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index a95b74a..068eb02 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
@@ -67,10 +67,13 @@ jobs: - name: Check coverage run: make coverage - test-build: + test-docker: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Build Docker image run: make docker-build + + - name: Scan Docker image for vulnerabilities + run: make docker-scan
diff --git a/Makefile b/Makefile
index f9842a9..f701ff1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,5 @@ +IMAGE ?= openrca/orca + .PHONY: format format: @tox -e test-tools -- black .
@@ -20,4 +22,8 @@ coverage: .PHONY: docker-build docker-build: - @docker build . -f Dockerfile -t openrca/orca + @docker build . -f Dockerfile -t $(IMAGE) + +.PHONY: docker-scan +docker-scan: + @docker scan --accept-license --file Dockerfile --dependency-tree $(IMAGE)
From 6be6d4b5a80ca1dd29f9d26382aa3e60a274b46e Mon Sep 17 00:00:00 2001
From: Bartosz Zurkowski
Date: Sun, 11 Sep 2022 20:51:11 +0200
Subject: [PATCH 2/5] Test Docker version
Signed-off-by: Bartosz Zurkowski
---
 .github/workflows/integrate.yaml | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index 068eb02..a03af03 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
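Review bot: The `Scan Docker image for vulnerabilities` step gates the job on `docker scan`, which exits non-zero when it finds anything, and the `docker-scan` target this series adds passes no `--severity` floor, so a low-severity finding in the base image, often with no fix available, fails `test-docker`; either add `--severity high` to the target or set `continue-on-error: true` on the step until the signal is tuned. The job is also renamed from `test-build` to `test-docker`, so any branch-protection rule that lists `test-build` as a required check will wait on a job that no longer reports and should be updated with this change. Patches 2–5 of this series show the scan plugin was not usable on the runner as-is, so this step does not pass until the install step from patch 5 is in place.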
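Review bot: `IMAGE ?= openrca/orca` carries no tag, so `docker-build` tags and `docker-scan` scans the implicit `latest`, and a scan report cannot be tied back to a specific build. Splitting the tag out, `TAG ?= latest` and `IMAGE ?= openrca/orca:$(TAG)`, keeps the default behaviour and lets CI pass the commit SHA as the tag so the scanned artifact is identifiable.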
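Review bot: `docker-scan` runs `docker scan` with `--accept-license`, which accepts the Snyk terms on behalf of whoever invokes `make docker-scan`, and with no `--severity` floor, so in CI it fails on any finding including ones with no fix; `@docker scan --accept-license --severity high --file Dockerfile $(IMAGE)` is the form that gives a usable gate, with `--dependency-tree` left for interactive use since it only adds output volume. To my knowledge Docker later deprecated `docker scan` in favour of `docker scout`, so the target is worth revisiting when the toolchain is next updated.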
@@ -72,8 +72,13 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Build Docker image - run: make docker-build + - name: Test Docker version + run: | + docker version + docker scan + + # - name: Build Docker image + # run: make docker-build - - name: Scan Docker image for vulnerabilities - run: make docker-scan + # - name: Scan Docker image for vulnerabilities + # run: make docker-scan
From 42bf2d9426e4de172746771fbd183ee6718e4bcd Mon Sep 17 00:00:00 2001
From: Bartosz Zurkowski
Date: Sun, 11 Sep 2022 20:59:12 +0200
Subject: [PATCH 3/5] Install Docker Scan plugin
Signed-off-by: Bartosz Zurkowski
---
 .github/workflows/integrate.yaml | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index a03af03..c361ebc 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
@@ -72,13 +72,18 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Install Docker Scan plugin + run: | + sudo apt-get update + sudo apt-get install -y docker-scan-plugin + - name: Test Docker version run: | docker version docker scan - # - name: Build Docker image - # run: make docker-build + - name: Build Docker image + run: make docker-build - # - name: Scan Docker image for vulnerabilities - # run: make docker-scan + - name: Scan Docker image for vulnerabilities + run: make docker-scan
From 40843e03700024a1976bf6e97e37e04ca547f0ff Mon Sep 17 00:00:00 2001
From: Bartosz Zurkowski
Date: Sun, 11 Sep 2022 21:07:57 +0200
Subject: [PATCH 4/5] Inspect hardware architecture
Signed-off-by: Bartosz Zurkowski
---
 .github/workflows/integrate.yaml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index c361ebc..d21b99c 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
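Review bot: `docker scan` with no image argument in `Test Docker version` is a usage error and, as far as I can tell, exits non-zero, so the step fails whether or not the plugin is installed and reveals nothing beyond what `docker version` already prints; `docker info` lists the installed client plugins and does not fail. The build and scan steps are commented out rather than disabled, which leaves two dead YAML fragments in the workflow; if they are meant to stay, `if: false` on each step keeps them parsed and visible in the job, otherwise drop them from the commit.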
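Review bot: `sudo apt-get install -y docker-scan-plugin` in `Install Docker Scan plugin` assumes Docker's apt repository is already configured on the runner, since the package is published there rather than in Ubuntu's archive; if it is not, `apt-get` fails with an unknown-package error, which appears to be what patch 5 of this series works around by adding the repository. Logging `apt-cache policy docker-scan-plugin` before the install would make that dependency explicit, and the `Test Docker version` step kept below it still calls `docker scan` without an image.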
@@ -72,6 +72,11 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Inspect hardware architecture + run: | + uname -m + uname -a + - name: Install Docker Scan plugin run: | sudo apt-get update
From 4c0d438d1450ef91bd34e71cf5397bfb06c0f6a0 Mon Sep 17 00:00:00 2001
From: Bartosz Zurkowski
Date: Sun, 11 Sep 2022 21:09:46 +0200
Subject: [PATCH 5/5] Fix Docker Scan plugin install
Signed-off-by: Bartosz Zurkowski
---
 .github/workflows/integrate.yaml | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index d21b99c..3fceefd 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
@@ -72,20 +72,12 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Inspect hardware architecture - run: | - uname -m - uname -a - - - name: Install Docker Scan plugin + - name: Install latest Docker run: | + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - + sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" sudo apt-get update - sudo apt-get install -y docker-scan-plugin - - - name: Test Docker version - run: | - docker version - docker scan + sudo apt-get install docker-ce - name: Build Docker image run: make docker-build
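Review bot: `curl -fsSL ... | sudo apt-key add -` in `Install latest Docker` puts Docker's key in apt's global trusted keyring, where it can sign any configured repository, and `apt-key` is deprecated in recent apt releases; the supported form writes the dearmored key under `/etc/apt/keyrings/` and binds it to the one source with `signed-by=`, ideally after checking its fingerprint against the one Docker publishes. `sudo apt-get install docker-ce` also drops the `-y` that patch 3 used, and with no TTY `apt-get` aborts at the confirmation prompt when it has to pull in dependencies, so the step is likely to fail before the scan ever runs. The version is left floating, which the step name asks for, but it means the scan result depends on whatever docker-ce ships that day; pinning `docker-ce=<VERSION>` once a working version is known makes the job reproducible. The rewritten step follows; the build and scan steps after it are unchanged.
```yaml
      - name: Install latest Docker
        run: |
          sudo install -m 0755 -d /etc/apt/keyrings
          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
          echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
          sudo apt-get update
          sudo apt-get install -y docker-ce
      # … unchanged: Build Docker image and Scan Docker image steps …
```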