From 8fd2e2a56765ce71eee426e495e3b207ddbd914c Mon Sep 17 00:00:00 2001 From: SujitMBRDI Date: Wed, 26 Jul 2023 17:42:12 +0530 Subject: [PATCH] fix: updated springboot version and trivy scan file --- .github/workflows/trivy.yml | 33 +++++++++++++++++++++++++++++++++ pom.xml | 2 +- 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 4956d43dd..1115869c9 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -107,3 +107,36 @@ jobs: uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results3.sarif" + + analyze-product-bpdm-bridge-dummy: + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + packages: read + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Run Trivy vulnerability scanner + if: always() + uses: aquasecurity/trivy-action@master + with: + # Path to Docker image + image-ref: "ghcr.io/${{ github.repository }}/bridge-dummy:latest" + format: "sarif" + output: "trivy-results4.sarif" + exit-code: "1" + severity: "CRITICAL,HIGH" + timeout: 15m + env: + TRIVY_USERNAME: ${{ github.actor }} + TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload Trivy scan results to GitHub Security tab + if: always() + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: "trivy-results4.sarif" diff --git a/pom.xml b/pom.xml index 213113739..bcc87d640 100644 --- a/pom.xml +++ b/pom.xml @@ -33,7 +33,7 @@ org.springframework.boot spring-boot-starter-parent - 3.0.9 + 3.0.7