From 5142a037131ecf4da706267d377e8ed93f6c69d8 Mon Sep 17 00:00:00 2001
From: Darren Tu <darrentu@users.noreply.github.com>
Date: Fri, 25 Oct 2024 11:54:17 -0700
Subject: [PATCH] Fix the Trivy scanner (#504)

* Update CI.yml

* Update CI.yml

* Update base.Dockerfile

* Update CI.yml

* Update CI.yml

* Update base.Dockerfile
---
 .github/workflows/CI.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index 72eba08d..11106fec 100644
--- a/.github/workflows/CI.yml
+++ b/.github/workflows/CI.yml
@@ -43,14 +43,13 @@ jobs:
 
       - name: Create temporary trivy directories
         run: |
-          sudo mkdir $GITHUB_WORKSPACE/trivy-tmp
-          sudo mkdir $GITHUB_WORKSPACE/trivy-tmp/.cache
+          mkdir -p $GITHUB_WORKSPACE/trivy-tmp/.cache
           echo "TMPDIR=$GITHUB_WORKSPACE/trivy-tmp" >> $GITHUB_ENV
           echo "TRIVY_CACHE_DIR=$GITHUB_WORKSPACE/trivy-tmp/.cache" >> $GITHUB_ENV
 
       - name: Scan base image with Trivy
         id: trivy-base-scan
-        uses: aquasecurity/trivy-action@0.20.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           scan-type: 'image'
           image-ref: base_cloudshell
@@ -64,7 +63,7 @@ jobs:
 
       - name: Scan Tools image with Trivy
         id: trivy-tools-scan
-        uses: aquasecurity/trivy-action@0.20.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           scan-type: 'image'
           image-ref: tools_cloudshell