Added trivy scanner (#37)
* Added trivy scanner

* changing scan type

* Uppercasing for severity

* scan-type

* Removing progress hiding

* changed severity

* Trying action again

* Name changes for jobs
J0HNB0Y authored Feb 21, 2022
1 parent 098a629 commit 7fb67d1
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions .github/workflows/trivy.yaml
@@ -0,0 +1,31 @@
# Copyright 2022 Hewlett Packard Enterprise Development LP
name: Trivy
on:
pull_request:
jobs:
build:
name: Build
runs-on: ubuntu-18.04
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Trivy vulnerability scanner (Terraform config)
uses: aquasecurity/trivy-action@master
with:
scan-type: 'config'
hide-progress: false
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'

- name: Run Trivy vulnerability scanner (go.mod)
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
hide-progress: false
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
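
Review bot: Both scan steps reference `uses: aquasecurity/trivy-action@master`, a mutable branch, so whatever lands upstream runs in this repository's CI on the next pull request with no review on this side. Pin the action to a release tag or, better, a full commit SHA, and consider the same for `actions/checkout@v2`. A second point on the step layout: both steps sit in the single `build` job with `exit-code: '1'`, so a finding in the `config` scan fails the job and the `fs` scan of go.mod is skipped; splitting them into two jobs, or adding `if: always()` to the second step, would report both sets of findings in one run.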
