From d4aa361f40aea04bc0d6e032bffb2329ca389b26 Mon Sep 17 00:00:00 2001
From: Binbin Li
Date: Wed, 6 Nov 2024 18:39:39 +0800
Subject: [PATCH] Update scan-vulns.yaml
---
 .github/workflows/scan-vulns.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/scan-vulns.yaml b/.github/workflows/scan-vulns.yaml
index 81faee828..bcfc1a563 100644
--- a/.github/workflows/scan-vulns.yaml
+++ b/.github/workflows/scan-vulns.yaml
@@ -57,7 +57,7 @@ jobs:
 - name: Run trivy on git repository
 run: |
- trivy fs --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --format table --ignore-unfixed --scanners vuln .
+ trivy fs --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --format table --ignore-unfixed --scanners vuln .
 - name: Build docker images
 run: |
@@ -66,10 +66,10 @@ jobs:
 - name: Run trivy on images for all severity
 run: |
 for img in "localbuild:test" "localbuildcrd:test"; do
- trivy image --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --ignore-unfixed --vuln-type="os,library" "${img}"
+ trivy image --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --ignore-unfixed --vuln-type="os,library" "${img}"
 done
 - name: Run trivy on images and exit on HIGH/CRITICAL severity
 run: |
 for img in "localbuild:test" "localbuildcrd:test"; do
- trivy image --skip-db-update --cache-dir $GITHUB_WORKSPACE/.cache/trivy/ --ignore-unfixed --exit-code 1 --severity HIGH,CRITICAL --vuln-type="os,library" "${img}"
- done
\ No newline at end of file
+ trivy image --skip-db-update --cache-dir ${{ github.workspace }}/.cache/trivy/ --ignore-unfixed --exit-code 1 --severity HIGH,CRITICAL --vuln-type="os,library" "${img}"
+ done
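Review bot: The new `${{ github.workspace }}` expression on the `trivy fs` line is pasted into the script text before the shell starts and lands unquoted, so a workspace path containing spaces or shell metacharacters would be split or interpreted; the same applies to both `trivy image` lines in the next hunk. The value is set by the runner, not by a contributor, so this is a hardening point and not an injection finding, but quoting keeps the step robust: `--cache-dir "${{ github.workspace }}/.cache/trivy/"`. If this job ever runs inside a `container:`, the expression and `$GITHUB_WORKSPACE` can resolve to different paths, and with `--skip-db-update` a wrong cache directory likely leaves the scan without a vulnerability database. Whether that applies cannot be seen here, since the job definition starts outside the hunk.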
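Review bot: The two image loops differ in a way that is easy to miss and is not documented: the first has no `--exit-code` and only reports, the second fails the job on HIGH/CRITICAL, and both pass `--ignore-unfixed`, so in the steps shown a critical finding without an upstream fix neither fails the build nor appears in the output. If that is the intended policy, a comment above the gating step would record it, for example `# Gate: fail only on HIGH/CRITICAL findings that have a fix; unfixed findings are filtered out`. Separately, newer Trivy releases deprecate `--vuln-type` in favour of `--pkg-types`; the Trivy version used by this workflow is not visible in the hunk, so check it before the old flag is dropped.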