ci: replace trivy github action with docker-based scan
CI Pipeline / HTML Lint (push) Successful in 7s
Deploy QA / Build and Push (push) Successful in 15s
CI Pipeline / Build Docker Image (push) Successful in 56s
Deploy QA / Deploy to QA (push) Failing after 2s
CI Pipeline / Security Scan (push) Failing after 24s
Deploy QA / Notification (push) Failing after 2s
CI Pipeline / Generate Summary (push) Failing after 1s
@@ -76,13 +76,11 @@ jobs:
|
|||||||
needs: build
|
needs: build
|
||||||
steps:
|
steps:
|
||||||
- name: Run Trivy vulnerability scanner
|
- name: Run Trivy vulnerability scanner
|
||||||
uses: aquasecurity/trivy-action@master
|
run: |
|
||||||
with:
|
docker run --rm \
|
||||||
image-ref: ci-image:latest
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
format: table
|
aquasec/trivy:latest \
|
||||||
exit-code: 1
|
image --severity HIGH,CRITICAL --exit-code 1 --ignore-unfixed ci-image:latest
|
||||||
severity: HIGH,CRITICAL
|
|
||||||
ignore-unfixed: true
|
|
||||||
|
|
||||||
summary:
|
summary:
|
||||||
name: Generate Summary
|
name: Generate Summary
|
||||||
|
|||||||
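Review bot: The new `run:` step mounts `/var/run/docker.sock` into a container started from the mutable tag `aquasec/trivy:latest`, so whatever image is published under that tag at job time runs with full control of the runner's Docker daemon. Pin the scanner image to a specific release tag or, better, an image digest; the removed `uses: aquasecurity/trivy-action@master` was also a floating reference, so this change is a good point to fix that. If the socket is only there so Trivy can read the locally built `ci-image:latest`, consider exporting the image with `docker save` and scanning the tarball with `trivy image --input` over a read-only bind mount, which keeps the daemon out of the scanner's reach. With `--rm` and no cache volume, the vulnerability database is also downloaded on every run, which adds time and a network dependency to the job.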