bcgov · rshourou · Jun 20, 2023
diff --git a/.github/workflows/dev-email-worker.yml b/.github/workflows/dev-email-worker.yml
@@ -74,19 +74,7 @@ jobs:
 
       #Run Vulnerability Scan usinig Trivy scanner
       - name: Run Trivy vulnerability scanner for dev-email-worker
-        uses: aquasecurity/trivy-action@master
+        uses: bcgov/pipeline-templates/.github/workflows/trivy-container.yaml@main
         with:
-          scan-type: image
-          image-ref: "dev-email-worker:${{ needs.app-version.outputs.app-version }}"
-          format: sarif
-          output: trivy-results.sarif
-          exit-code: 1
-          ignore-unfixed: true
-          severity: HIGH,CRITICAL
-
-        #Upload results to the Github security tab.
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        if: always()
-        with:
-          sarif_file: trivy-results.sarif
+          IMAGE: dev-email-worker
+          TAG: latest