ci: update trivy scan job
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
This commit is contained in:
parent
4a5f2dbb4d
commit
95e81a925f
1 changed files with 2 additions and 3 deletions
5
.github/workflows/artifacts.yaml
vendored
5
.github/workflows/artifacts.yaml
vendored
|
@ -106,11 +106,10 @@ jobs:
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Run Trivy vulnerability scanner
|
- name: Run Trivy vulnerability scanner
|
||||||
uses: aquasecurity/trivy-action@0.2.3
|
uses: aquasecurity/trivy-action@0.2.4
|
||||||
with:
|
with:
|
||||||
image-ref: "ghcr.io/dexidp/dex:${{ needs.container-images.outputs.version }}"
|
image-ref: "ghcr.io/dexidp/dex:${{ needs.container-images.outputs.version }}"
|
||||||
format: "template"
|
format: "sarif"
|
||||||
template: "@/contrib/sarif.tpl"
|
|
||||||
output: "trivy-results.sarif"
|
output: "trivy-results.sarif"
|
||||||
|
|
||||||
- name: Upload Trivy scan results to GitHub Security tab
|
- name: Upload Trivy scan results to GitHub Security tab
|
||||||
|
|
Reference in a new issue