Elizabeth W
34 lines
1.0 KiB
YAML
34 lines
1.0 KiB
YAML
{{- define "template.scan-crossguard" }}
|
|
- name: scan-crossguard
|
|
container:
|
|
image: pulumi/pulumi:3.154.0
|
|
env:
|
|
- name: PULUMI_ACCESS_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: amp-security-pipeline-secrets
|
|
key: PULUMI_ACCESS_TOKEN
|
|
- name: AWS_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: amp-security-pipeline-secrets
|
|
key: AWS_ACCESS_KEY_ID
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: amp-security-pipeline-secrets
|
|
key: AWS_SECRET_ACCESS_KEY
|
|
command:
|
|
- sh
|
|
- -c
|
|
args:
|
|
- |
|
|
set -eu
|
|
mkdir -p /workspace/reports
|
|
cd /workspace
|
|
pulumi preview --policy-pack ./policy-pack > /workspace/reports/crossguard.json 2>&1 || true
|
|
volumeMounts:
|
|
- name: workspace
|
|
mountPath: /workspace
|
|
{{- end }}
|