Skip to content

Commit

Permalink
add trivy scan
Browse files Browse the repository at this point in the history
  • Loading branch information
maaikelimper committed Nov 21, 2024
1 parent 4ac99e0 commit a60d583
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions .github/workflows/trivy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
name: Run Trivy vulnerability scanner


on: [ push ]

jobs:
main:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Build wis2box-auth
run: |
docker build -t wis2box-auth:test .
- name: Run Trivy vulnerability scanner on wis2box-auth
if: always()
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
with:
image-ref: 'wis2box-auth:test'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'

0 comments on commit a60d583

Please sign in to comment.