Reputation: 320
I would like to set up github actions in order to perform security scans on docker images. However, the build and push of the image I would like to scan is made by CircleCI. Hence I need to make sure that the images have been properly built and pushed on my repo before performing the security scan.
I know there exists an action to trigger a CircleCI job, but is there any way to trigger the execution of my Github action from Circle CI?
Thank you for the answers or any workaround you could provide :)
Upvotes: 3
Views: 2444
Reputation: 23270
You could use a repository dispatch event from you CircleCI pipeline to start a repository workflow (through CURL or through a script).
In that case, your Github repository workflow file will need a repository_dispatch event to trigger it, to perform your security scan job.
Dispatch Request Example
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/<USERNAME>/<REPOSITORY-NAME>/dispatches \
-d '{"event_type":"event_type"}'
Workflow Trigger Example
on: [repository_dispatch]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- name: security scan
run:|
...
Upvotes: 6