Skip to content

Commit

Permalink
[CONFIG] [Gihub Actions] Docker analisys with Trivy: new secondary "t…
Browse files Browse the repository at this point in the history
…able" output.
  • Loading branch information
Gonzalo Diaz committed Jul 20, 2024
1 parent b1695d5 commit 71cc75c
Showing 1 changed file with 23 additions and 1 deletion.
24 changes: 23 additions & 1 deletion .github/workflows/docker-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ jobs:
with:
sarif_file: 'snyk.sarif'
scan:
name: "Trivy"
name: "Trivy (sarif)"
runs-on: ubuntu-latest
needs: build
permissions:
Expand Down Expand Up @@ -187,3 +187,25 @@ jobs:
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'

report:
name: "Trivy (report)"
runs-on: ubuntu-latest
needs: build
steps:
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}_prod
path: /tmp/

- name: Load image
run: |
docker load --input /tmp/${{ env.ARTIFACT_NAME }}_prod.tar
docker image ls -a
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: ${{ env.IMAGE_NAME }}:${{ github.sha }}
format: 'table'

0 comments on commit 71cc75c

Please sign in to comment.