Skip to content

aquasecurity/setup-trivy

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 

Repository files navigation

setup-trivy

Set up your GitHub Actions workflow with a specific version of Trivy

Usage

Install the latest Trivy version

# ...
steps:
  - name: Install Trivy
    uses: aquasecurity/[email protected]

Install a specific Trivy version

# ...
steps:
  - name: Install Trivy
    uses: aquasecurity/[email protected]
    with:
      version: v0.56.2

Caching

setup-trivy uses actions/cache under the hood but requires less configuration settings. This caches the trivy binary so that next time you run, instead of downloading the binary it is loaded from the cache. This is not the same cache as other Trivy artifacts such as trivy-db and trivy-java-db.

The cache input is optional, and caching is turned off by default.

Caching is not supported for empty and latest versions!

Enable caching

If you want to enable caching for Linux and MacOS runners, set the cache input to true and specify the version.

steps:
  - name: Install Trivy
    uses: aquasecurity/[email protected]
    with:
      version: v0.56.2
      cache: true

Custom path to Trivy binary

action/cache doesn't support absolute path for Windows runners (see here for more details).

To enable caching for Windows runner or if you need to change the Trivy installation directory for other reasons - use path input.

setup-trivy adds trivy-bin directory to avoid caching unnecessary files

steps:
  - name: Install Trivy
    uses: aquasecurity/[email protected]
    with:
      version: v0.56.2
      cache: true
      path: "./bins"

Install Trivy with non-default token

There are cases when github.token (default value for actions/checkout) contains an invalid token for http://github.com. One of example for this when using GitHub Enterprise Server (GHES). See more info in #10

To properly install Trivy, you need to populate token from a secret or another step (e.g. from https://github.com/actions/create-github-app-token)

steps:
  - name: Install Trivy
    uses: aquasecurity/[email protected]
    with:
      version: v0.56.2
      cache: true
      token: ${{ secrets.GITHUB_PAT }}

About

Set up your GitHub Actions workflow with a specific version of Trivy

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •