This release adds support for scanning multi-arch container images.
To use this feature, specify the OS and CPU platform matching the image you wish to scan by adding the platform
argument to your workflows, as shown below:
- name: Scan built image with Inspector
uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1
id: inspector
with:
artifact_type: 'container'
artifact_path: 'alpine:latest'
...
platform: "linux/arm64/v8"
sbomgen_version: "latest"
If platform is unspecified, this action will default to the OS/CPU platform that matches the GitHub Actions runner.