Skip to content

Commit

Permalink
chore: comment trivy action
Browse files Browse the repository at this point in the history
  • Loading branch information
@aatmanvaidya
aatmanvaidya committed Dec 20, 2024
1 parent 66b7b22 commit 4c15612
Showing 1 changed file with 17 additions and 17 deletions.
34 changes: 17 additions & 17 deletions .github/workflows/pr-security.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,20 +37,20 @@ jobs:
src: "."
continue-on-error: false

- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
limit-severities-for-sarif: true
severity: 'HIGH,CRITICAL'
scanners: 'vuln,misconfig,secret'
skip-dirs: '.vscode,docs'
exit-code: '1'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v.3.25.6
if: always()
with:
sarif_file: 'trivy-results.sarif'
# - name: Run Trivy vulnerability scanner in repo mode
# uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0
# with:
# scan-type: 'fs'
# ignore-unfixed: true
# format: 'sarif'
# output: 'trivy-results.sarif'
# limit-severities-for-sarif: true
# severity: 'HIGH,CRITICAL'
# scanners: 'vuln,misconfig,secret'
# skip-dirs: '.vscode,docs'
# exit-code: '1'
# - name: Upload Trivy scan results to GitHub Security tab
# uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v.3.25.6
# if: always()
# with:
# sarif_file: 'trivy-results.sarif'

0 comments on commit 4c15612

Please sign in to comment.