diff --git a/README.md b/README.md index f76e694..469c5c2 100644 --- a/README.md +++ b/README.md @@ -34,12 +34,12 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Build an image from Dockerfile run: | docker build -t docker.io/my-organization/my-app:${{ github.sha }} . - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'table' @@ -64,10 +64,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner in fs mode - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: 'fs' scan-ref: '.' @@ -109,7 +109,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Generate tarball from image run: | @@ -117,7 +117,7 @@ jobs: docker save -o vuln-image.tar - name: Run Trivy vulnerability scanner in tarball mode - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: input: /github/workspace/vuln-image.tar severity: 'CRITICAL,HIGH' @@ -138,14 +138,14 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build an image from Dockerfile run: | docker build -t docker.io/my-organization/my-app:${{ github.sha }} . - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'sarif' @@ -173,14 +173,14 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build an image from Dockerfile run: | docker build -t docker.io/my-organization/my-app:${{ github.sha }} . - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'sarif' @@ -212,10 +212,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: 'fs' ignore-unfixed: true @@ -246,10 +246,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner with rootfs command - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: 'rootfs' scan-ref: 'rootfs-example-binary' @@ -281,10 +281,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner in IaC mode - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: 'config' hide-progress: true @@ -325,10 +325,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: 'fs' format: 'github' @@ -359,7 +359,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Scan image in a private registry - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: "private_image_registry/image_name:image_tag" scan-type: image @@ -399,10 +399,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'sarif' @@ -435,10 +435,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'aws_account_id.dkr.ecr.region.amazonaws.com/imageName:${{ github.sha }}' format: 'sarif' @@ -471,10 +471,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'sarif' @@ -504,10 +504,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}' format: 'sarif' @@ -530,7 +530,7 @@ This step is especially useful for private repositories without [GitHub Advanced ```yaml - name: Run Trivy scanner - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.21.0 with: scan-type: config hide-progress: true