{"id":28556116,"url":"https://github.com/bashofmann/neuvector-image-scan-action","last_synced_at":"2026-05-17T11:32:47.202Z","repository":{"id":55404887,"uuid":"522629961","full_name":"bashofmann/neuvector-image-scan-action","owner":"bashofmann","description":"GitHub Action for container image scans with NeuVector","archived":false,"fork":false,"pushed_at":"2023-01-23T02:54:20.000Z","size":87,"stargazers_count":1,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-03-16T23:51:44.287Z","etag":null,"topics":["containers","github-actions","neuvector","security"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bashofmann.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-08-08T16:39:52.000Z","updated_at":"2022-08-15T15:03:35.000Z","dependencies_parsed_at":"2023-02-14T02:30:28.177Z","dependency_job_id":null,"html_url":"https://github.com/bashofmann/neuvector-image-scan-action","commit_stats":{"total_commits":24,"total_committers":2,"mean_commits":12.0,"dds":0.08333333333333337,"last_synced_commit":"5437a397f4042df12123c2a4a01d8d8005a561b8"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/bashofmann/neuvector-image-scan-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bashofmann%2Fneuvector-image-scan-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bashofmann%2Fneuvector-image-scan-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bashofmann%2Fneuvector-image-scan-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bashofmann%2Fneuvector-image-scan-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bashofmann","download_url":"https://codeload.github.com/bashofmann/neuvector-image-scan-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bashofmann%2Fneuvector-image-scan-action/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33136730,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-17T09:28:26.183Z","status":"ssl_error","status_checked_at":"2026-05-17T09:27:52.702Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containers","github-actions","neuvector","security"],"created_at":"2025-06-10T06:08:39.227Z","updated_at":"2026-05-17T11:32:47.184Z","avatar_url":"https://github.com/bashofmann.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- start title --\u003e\n\n# GitHub Action: NeuVector Image Scan\n\n\u003c!-- end title --\u003e\n\u003c!-- start description --\u003e\n\nScans a container image for vulnerabilities with [NeuVector](https://neuvector.com)\n\n\u003c!-- end description --\u003e\n\n[![GitHub Release][release-img]][release]\n[![GitHub Marketplace][marketplace-img]][marketplace]\n[![License][license-img]][license]\n\n## Usage\n\n### Scan locally built container image\n\n```yaml\nname: build\non:\n  push:\n    branches:\n      - main\njobs:\n  build:\n    name: Build\n    runs-on: ubuntu-latest\n    steps:\n      - name: Checkout code\n        uses: actions/checkout@v2\n      - name: Build image\n        run: |\n          docker build -t registry.organization.com/org/image-name:${{ github.sha }} .\n      - name: Scan Image\n        uses: bashofmann/neuvector-image-scan-action@main\n        with:\n          image-repository: registry.organization.com/org/image-name\n          image-tag: ${{ github.sha }}\n          min-high-cves-to-fail: \"1\"\n          min-medium-cves-to-fail: \"1\"\n```\n\n### Scan image from remote registry\n\n```yaml\nname: build\non:\n  push:\n    branches:\n      - main\njobs:\n  build:\n    name: Build\n    runs-on: ubuntu-latest\n    steps:\n      - name: Checkout code\n        uses: actions/checkout@v2\n      - name: Scan Remote Image\n        uses: bashofmann/neuvector-image-scan-action@main\n        with:\n          image-registry: https://registry.organization.com/\n          image-registry-username: ${{ secrets.RegistryUsername }}\n          image-registry-password: ${{ secrets.RegistryPassword }}\n          image-repository: org/image-name\n          image-tag: 1.0.0\n          min-high-cves-to-fail: \"1\"\n          min-medium-cves-to-fail: \"1\"\n```\n\n## Customizing\n\n### Inputs\n\nThe following inputs can be used in `step.with`:\n\n\u003c!-- start inputs --\u003e\n\n| **Input**                     | **Description**                                                                             | **Default**                | **Required** |\n| ----------------------------- | ------------------------------------------------------------------------------------------- | -------------------------- | ------------ |\n| **`image-registry`**          | Registry of the image to scan, e.g. `https://registry.organization.com/`                    |                            | **false**    |\n| **`image-registry-username`** | Username for the registry authentication                                                    |                            | **false**    |\n| **`image-registry-password`** | Password for the registry authentication                                                    |                            | **false**    |\n| **`image-repository`**        | Repository of the image to scan, e.g. `org/image-name`                                      |                            | **true**     |\n| **`image-tag`**               | Tag of the image to scan, e.g. `1.0.0`                                                      |                            | **true**     |\n| **`min-high-cves-to-fail`**   | Minimum CVEs with high severity to fail the job                                             | `0`                        | **false**    |\n| **`min-medium-cves-to-fail`** | Minimum CVEs with medium severity to fail the job                                           | `0`                        | **false**    |\n| **`cve-names-to-fail`**       | Comma-separated list of CVE names that make the job fail, e.g. `CVE-2021-4160,CVE-2022-0778 |                            | **false**    |\n| **`nv-scanner-image`**        | NeuVector Scanner image to use for scanning                                                 | `neuvector/scanner:latest` | **false**    |\n| **`output`**                  | Output format, one of: `text`, `json`, `csv`                                                | `text`                     | **false**    |\n| **`debug`**                   | Debug mode, on of: `true`, `false`                                                          | `false`                    | **false**    |\n\n\u003c!-- end inputs --\u003e\n\n### Outputs\n\n\u003c!-- start outputs --\u003e\n\n| \\***\\*Output\\*\\***           | \\***\\*Description\\*\\***                              | \\***\\*Default\\*\\*** | \\***\\*Required\\*\\*** |\n| ---------------------------- | ---------------------------------------------------- | ------------------- | -------------------- |\n| `vulnerability_count`        | Number of found vulnerabilities                      | undefined           | undefined            |\n| `high_vulnerability_count`   | Number of found vulnerabilities with high severity   | undefined           | undefined            |\n| `medium_vulnerability_count` | Number of found vulnerabilities with medium severity | undefined           | undefined            |\n\n\u003c!-- end outputs --\u003e\n\n### Usage\n\n\u003c!-- start usage --\u003e\n\n```yaml\n- uses: bashofmann/neuvector-image-scan-action@main\n  with:\n    # Registry of the image to scan, e.g. `https://registry.organization.com/`\n    # Default:\n    image-registry: \"\"\n\n    # Username for the registry authentication\n    # Default:\n    image-registry-username: \"\"\n\n    # Password for the registry authentication\n    # Default:\n    image-registry-password: \"\"\n\n    # Repository of the image to scan, e.g. `org/image-name`\n    image-repository: \"\"\n\n    # Tag of the image to scan, e.g. `1.0.0`\n    image-tag: \"\"\n\n    # Minimum CVEs with high severity to fail the job\n    # Default: 0\n    min-high-cves-to-fail: \"\"\n\n    # Minimum CVEs with medium severity to fail the job\n    # Default: 0\n    min-medium-cves-to-fail: \"\"\n\n    # Comma-separated list of CVE names that make the job fail, e.g.\n    # `CVE-2021-4160,CVE-2022-0778\n    # Default:\n    cve-names-to-fail: \"\"\n\n    # NeuVector Scanner image to use for scanning\n    # Default: neuvector/scanner:latest\n    nv-scanner-image: \"\"\n\n    # Output format, one of: `text`, `json`, `csv`\n    # Default: text\n    output: \"\"\n\n    # Debug mode, on of: `true`, `false`\n    # Default: false\n    debug: \"\"\n```\n\n\u003c!-- end usage --\u003e\n\n[release]: https://github.com/bashofmann/neuvector-image-scan-action/releases/latest\n[release-img]: https://img.shields.io/github/release/bashofmann/neuvector-image-scan-action.svg?logo=github\n[marketplace]: https://github.com/marketplace/actions/bashofmann/neuvector-image-scan\n[marketplace-img]: https://img.shields.io/badge/marketplace-bashofmann/neuvector-image-scan--action-blue?logo=github\n[license]: https://github.com/bashofmann/neuvector-image-scan-action/blob/master/LICENSE\n[license-img]: https://img.shields.io/github/license/bashofmann/neuvector-image-scan-action\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbashofmann%2Fneuvector-image-scan-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbashofmann%2Fneuvector-image-scan-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbashofmann%2Fneuvector-image-scan-action/lists"}