From a57f21c3154cd7f2172f5a30897ee424f9c43dd1 Mon Sep 17 00:00:00 2001 From: Steven Bal Date: Thu, 3 Oct 2024 16:58:00 +0200 Subject: [PATCH] :green_heart: [maykinmedia/objects-api#463] Temporarily disable Trivy in CI --- .github/workflows/ci.yml | 44 ++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 245c248d..a302d5b4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -160,28 +160,28 @@ jobs: path: image.tar retention-days: 1 - image_scan: - runs-on: ubuntu-latest - name: Scan docker image - needs: - - docker - - steps: - - name: Download built image - uses: actions/download-artifact@v3 - with: - name: docker-image - - name: Scan image with Trivy - uses: aquasecurity/trivy-action@master - with: - input: /github/workspace/image.tar # from download-artifact - format: 'sarif' - output: 'trivy-results-docker.sarif' - ignore-unfixed: true - - name: Upload results to GH Security tab - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: 'trivy-results-docker.sarif' + # image_scan: + # runs-on: ubuntu-latest + # name: Scan docker image + # needs: + # - docker + + # steps: + # - name: Download built image + # uses: actions/download-artifact@v3 + # with: + # name: docker-image + # - name: Scan image with Trivy + # uses: aquasecurity/trivy-action@master + # with: + # input: /github/workspace/image.tar # from download-artifact + # format: 'sarif' + # output: 'trivy-results-docker.sarif' + # ignore-unfixed: true + # - name: Upload results to GH Security tab + # uses: github/codeql-action/upload-sarif@v3 + # with: + # sarif_file: 'trivy-results-docker.sarif' publish: needs: