Skip to content

Commit

Permalink
Workflows updated from AnchorFree/workflows:1b1cade
Browse files Browse the repository at this point in the history
  • Loading branch information
Anchorfree Jenkins committed Apr 15, 2024
1 parent b1a43f0 commit c2a025e
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 11 deletions.
5 changes: 2 additions & 3 deletions .github/workflows/hadolint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,9 @@ jobs:
pull-requests: write
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Scanning the dockerfile
uses: reviewdog/action-hadolint@v1.34.1
uses: reviewdog/action-hadolint@v1.39.0
with:
reporter: github-pr-review
filter_mode: file

16 changes: 8 additions & 8 deletions .github/workflows/trivy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
lfs: true
submodules: recursive
Expand All @@ -32,22 +32,22 @@ jobs:
run: git lfs checkout

- name: Run Trivy vulnerability scanner in repo mode (table)
uses: aquasecurity/trivy-action@0.10.0
uses: aquasecurity/trivy-action@0.19.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'table'

- name: Run Trivy vulnerability scanner in repo mode (sarif)
uses: aquasecurity/trivy-action@0.10.0
uses: aquasecurity/trivy-action@0.19.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'

Expand All @@ -60,7 +60,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
lfs: true
submodules: recursive
Expand All @@ -72,21 +72,21 @@ jobs:
run: |
docker build -t ${{ github.sha }} .
- name: Run Trivy vulnerability scanner in image mode (table output)
uses: aquasecurity/trivy-action@0.10.0
uses: aquasecurity/trivy-action@0.19.0
with:
image-ref: '${{ github.sha }}'
ignore-unfixed: true
format: 'table'

- name: Run Trivy vulnerability scanner in image mode (sarif output)
uses: aquasecurity/trivy-action@0.10.0
uses: aquasecurity/trivy-action@0.19.0
with:
image-ref: '${{ github.sha }}'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'

0 comments on commit c2a025e

Please sign in to comment.