Skip to content

Commit

Permalink
update actions
Browse files Browse the repository at this point in the history
  • Loading branch information
seanlongcc committed Jul 8, 2024
1 parent f5f8a5c commit c1042a4
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 7 deletions.
6 changes: 4 additions & 2 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@ on:
workflow_dispatch:

jobs:
my_job:
name: Harden MongoDB Container
harden_validate_mongodb:
name: Harden and Validate MongoDB Container

runs-on: ubuntu-latest

Expand All @@ -17,6 +17,7 @@ jobs:
CA_FILE_BASE64_AA: ${{ secrets.CA_FILE_BASE64_AA }}
CA_FILE_BASE64_AB: ${{ secrets.CA_FILE_BASE64_AB }}
CERTIFICATE_KEY_FILE: ${{ secrets.CERTIFICATE_KEY_FILE }}
INSPEC_INPUTS: ${{ secrets.INSPEC_INPUTS }}

steps:
- name: Add Dependencies
Expand All @@ -33,6 +34,7 @@ jobs:
echo "${{ env.CA_FILE_BASE64_AB }}" >> CA_FILE
base64 --decode CA_FILE > certificates/dod_CAs.pem
echo "${{ env.CERTIFICATE_KEY_FILE }}" > certificates/mongodb.pem
echo "${{ env.INSPEC_INPUTS }}" > spec/mongo-inspec-profile/inputs.yml
- name: Run Packer Hardening
run: |
Expand Down
5 changes: 0 additions & 5 deletions mongo-validate.pkr.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,6 @@ source "docker" "hardened" {
commit = false
pull = false
discard = true
// run_command = [
// "-d",
// "--name", "${var.input_hardened_image.name}",
// "{{.Image}}",
// ]
run_command = [
"-d",
"--name", "${var.input_hardened_image.name}",
Expand Down

0 comments on commit c1042a4

Please sign in to comment.