fix: updated springboot version and trivy scan file

eclipse-tractusx · Jul 26, 2023 · 8fd2e2a · 8fd2e2a
1 parent 87ffd3d
commit 8fd2e2a
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 1 deletion.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -107,3 +107,36 @@ jobs:
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: "trivy-results3.sarif"
+
+  analyze-product-bpdm-bridge-dummy:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+      packages: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Run Trivy vulnerability scanner
+        if: always()
+        uses: aquasecurity/trivy-action@master
+        with:
+          # Path to Docker image
+          image-ref: "ghcr.io/${{ github.repository }}/bridge-dummy:latest"
+          format: "sarif"
+          output: "trivy-results4.sarif"
+          exit-code: "1"
+          severity: "CRITICAL,HIGH"
+          timeout: 15m
+        env:
+          TRIVY_USERNAME: ${{ github.actor }}
+          TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        if: always()
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-results4.sarif"
diff --git a/pom.xml b/pom.xml
@@ -33,7 +33,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.0.9</version>
+        <version>3.0.7</version>
     </parent>
 
     <modules>