From de0990acd2c5e100d66c93d99c0797eb96ff8c0a Mon Sep 17 00:00:00 2001
From: Chris Werner Rau <cwr@teuto.net>
Date: Thu, 22 Aug 2024 16:17:13 +0200
Subject: [PATCH] fix(ci/cve-scanning): `export`s don't persist across `run`s
 (#1125)

---
 .github/workflows/scan-for-cves.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/scan-for-cves.yaml b/.github/workflows/scan-for-cves.yaml
index 7a28eddda..ae3b6f585 100644
--- a/.github/workflows/scan-for-cves.yaml
+++ b/.github/workflows/scan-for-cves.yaml
@@ -37,10 +37,9 @@ jobs:
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
 
-      - name: install trivy
-        run: |
+      - run: /home/linuxbrew/.linuxbrew/bin/brew install trivy
+      - run: |
           eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
-          brew install trivy
-      - run: ./.github/scripts/generate-sarif-reports.sh ${{ matrix.chart }}
+          ./.github/scripts/generate-sarif-reports.sh ${{ matrix.chart }}
       - uses: github/codeql-action/upload-sarif@366883a76d75dcee5428da5c3ae7abf9386e35ac # v3
           # TODO: github dependency tree?