Skip to content

Commit

Permalink
Merge pull request #741 from dsmf/chore/trivy-fix
Browse files Browse the repository at this point in the history
chore(trivy):[#xxx] trivy fix mentioned in the Community Office Hour
  • Loading branch information
ds-jhartmann authored Jul 1, 2024
2 parents fd3ff5f + 4c51950 commit c6628e7
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
4 changes: 3 additions & 1 deletion .github/workflows/trivy-image-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -58,9 +58,11 @@ jobs:
image-ref: "localhost:5000/irs-api:testing"
format: "sarif"
output: "trivy-results2.sarif"
exit-code: "1"
exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
severity: "CRITICAL,HIGH"
trivyignores: .config/.trivyignore
limit-severities-for-sarif: true


- name: Upload Trivy scan results to GitHub Security tab
if: always()
Expand Down
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ _**For better traceability add the corresponding GitHub issue number in each cha

- Fixed ESS Investigation job processing not starting #579
- Policy store API returns 'rightOperand' without 'odrl:' prefix now (see traceability-foss/issues/970).
- Fixed trivy workflow to fail only on CRITICAL, HIGH (according to https://github.com/eclipse-tractusx/eclipse-tractusx.github.io/pull/949/files).

### Changed

Expand Down

0 comments on commit c6628e7

Please sign in to comment.