adding trivy config

Signed-off-by: John O'Loughlin <[email protected]>
intel · Jan 10, 2024 · 323794f · 323794f
1 parent ade22dc
commit 323794f
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -52,3 +52,19 @@ jobs:
  uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
  with:
  sarif_file: 'trivy-results.sarif'
+
+ - name: Run Trivy vulnerability scanner in repo mode
+ uses: aquasecurity/trivy-action@master
+ with:
+ scan-type: 'fs'
+ ignore-unfixed: true
+ format: 'table'
+ output: './trivy_config.txt'
+ severity: 'CRITICAL,HIGH'
+
+ - name: GitHub Upload Release Artifacts
+ uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+ with:
+ name: trivy_report
+ path: |
+ ./trivy_config.txt