File tree 2 files changed +8
-2
lines changed
2 files changed +8
-2
lines changed Original file line number Diff line number Diff line change @@ -46,13 +46,16 @@ jobs:
4646 - name : Push images
4747 run : ./build --push
4848 - name : Run Trivy vulnerability scanner
49- uses : aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24 .0
49+ uses : aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28 .0
5050 with :
5151 image-ref : ' ${{ steps.build.outputs.LATEST_IMAGE_TAG }}'
5252 format : ' sarif'
5353 output : ' trivy-results.sarif'
5454 severity : ' CRITICAL,HIGH'
5555 limit-severities-for-sarif : true
56+ env :
57+ TRIVY_DB_REPOSITORY : ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
58+ TRIVY_JAVA_DB_REPOSITORY : ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
5659 - name : Upload Trivy scan results to GitHub Security tab
5760 uses : github/codeql-action/upload-sarif@v3
5861 with :
Original file line number Diff line number Diff line change @@ -30,13 +30,16 @@ jobs:
3030 docker-images : false # Do not remove locally built images (including trivy scanner)
3131
3232 - name : Run Trivy vulnerability scanner
33- uses : aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24 .0
33+ uses : aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28 .0
3434 with :
3535 image-ref : ' ghcr.io/datadog/dd-trace-java-docker-build:latest'
3636 format : ' sarif'
3737 output : ' trivy-results.sarif'
3838 severity : ' CRITICAL,HIGH'
3939 limit-severities-for-sarif : true
40+ env :
41+ TRIVY_DB_REPOSITORY : ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
42+ TRIVY_JAVA_DB_REPOSITORY : ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
4043
4144 - name : Upload Trivy scan results to GitHub Security tab
4245 uses : github/codeql-action/upload-sarif@v3
You can’t perform that action at this time.
0 commit comments