rename scan-defectdojo to what it actually does crossguard
This commit is contained in:
@@ -0,0 +1,36 @@
|
||||
{{- define "template.scan-pulumi-crossguard" -}}
|
||||
- name: scan-pulumi-crossguard
|
||||
inputs:
|
||||
parameters:
|
||||
- name: working-dir
|
||||
container:
|
||||
image: {{ .Values.images.pulumiCrossguard | quote }}
|
||||
env:
|
||||
- name: PULUMI_ACCESS_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: amp-security-pipeline-secrets
|
||||
key: PULUMI_ACCESS_TOKEN
|
||||
- name: AWS_ACCESS_KEY_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: amp-security-pipeline-secrets
|
||||
key: AWS_ACCESS_KEY_ID
|
||||
- name: AWS_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: amp-security-pipeline-secrets
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
args:
|
||||
- |
|
||||
set -eu
|
||||
mkdir -p /workspace/reports
|
||||
cd "/workspace/{{ `{{inputs.parameters.working-dir}}` }}"
|
||||
pulumi preview --policy-pack "{{ .Values.pulumi.policyPackPath }}" > /workspace/reports/pulumi-crossguard.json 2>&1 || true
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
{{- end }}
|
||||
Reference in New Issue
Block a user