Passing data to reusable workflows

Reusable workflows accept data via inputs

1. First, let’s add an inputs array to our reusable workflow on:workflow_call: event
2. Next, we pass those input values to the Action steps: ${{ inputs.<input-name> }}
3. Then we’ll add matching with and secrets key:values to our calling workflow

Add input to the Trivy workflow in

<org>/actions/.github/workflows/reusable-trivy.yml

• Add these inputs lines under the workflow_call: event

on:
  workflow_call:
    inputs:
      image:
        description: Image to scan
        required: true
        type: string

• Then pass that value to the trivy action step at bottom

      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@0.11.2
        with:
          image-ref: ${{ inputs.image }}

Add input to the wordsmith-web workflow PR

<org>/wordsmith-web/.github/workflows/call-trivy.yml

1. Change the <org> to yours

jobs:
  scan:
    name: Scan
    uses: <org>/actions/.github/workflows/reusable-trivy.yml@<pr-branch-name>
    with:
      image: 'ghcr.io/<org>/wordsmith-web:latest'

2. Commit that and watch the Action run in the wordsmith-web repo

3. We now have a working reusable workflow