eclipse-tractusx · scherersebastian · Nov 28, 2022 · Nov 28, 2022 · Nov 28, 2022 · Nov 28, 2022
diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
@@ -47,22 +47,9 @@ jobs:
           # token: ${{ secrets.GITHUB_TOKEN }}
           # enable_comments: true
           # Exclude accepted results from the build
-          exclude_results: "dda6420c385b33bef69f4db723fee4f469c93e851370c868a15af9bce5b3ec44,\
-            03df1ef13c69b0ada26fc5bbf35eabca288c5c3c93c0f5d918e41f4951ca8795,\
-            cd97103ed4e69cbeea5097168f744fdeffade5f6a5bf0b0f0b6bdaaa91b6815e,\
-            724d6b5be1557dd1a6a2fb0e5c10ec0bcca20092c02fafad544c19a0b6d0e38f,\
-            b8f92f3e5419d7e0bdefd956549b372fec72affbb25b735cbc59f0e9762f6943,\
-            9cc9972d007cadc1b17d7ff64eb9aa66648c32997279c5b80c411abbcfbf3c5a,\
-            663dfa114d46fb8eebf7e98ff0ba3f60f80b8059f8c170c12b07feb909b36f19,\
-            edc4c9ac9ee139c0d7947410439b66e3c6290cb97a37d97a7519d3d5e56a5a84,\
-            7f3e9461a3abdb7a281fdc736fb0827e69e9278ccd6b929bd32fc2d84336f68c,\
-            10e4fff1f26f0a765423e35a7d8952363a6e8961a58e20b3017cd7818745eb36"
+          # exclude_results:
           # Exclude accepted queries from the build
-          exclude_queries: "9f88c88d-824d-4d9a-b985-e22977046042,\
-          00b78adf-b83f-419c-8ed8-c6018441dd3a,\
-          8c8261c2-19a9-4ef7-ad37-b8bc7bdd4d85,\
-          8c81d6c0-716b-49ec-afa5-2d62da4e3f3c,\
-          2d8c175a-6d90-412b-8b0e-e034ea49a1fe"
+          # exclude_queries: 
 
       # Upload findings to GitHub Advanced Security Dashboard
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
@@ -76,4 +63,4 @@ jobs:
         if: always()
         with:
           name: kicsResults.json
-          path: kicsResults/results.json
+          path: kicsResults/results.json
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -40,8 +40,7 @@ jobs:
           format: "sarif"
           output: "trivy-results1.sarif"
           severity: "CRITICAL,HIGH"
-          skip-dirs: "charts/connector/aasregistry,charts/connector/daps,charts/connector/edc-provider,charts/connector/submodelservers,charts/irs-environments/local"
-
+
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
         if: always()
@@ -59,18 +58,6 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v3
 
-      - name: Determine image version
-        id: version
-        run: |
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.head_ref || github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-          # Strip "v" prefix from tag name
-          [[ "${{ github.head_ref || github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "main" ] && VERSION=latest
-          echo VERSION=$VERSION
-          echo "::set-output name=image_tag::$VERSION"
-
       # It's also possible to scan your private registry with Trivy's built-in image scan.
       # All you have to do is set ENV vars.
       # Docker Hub needs TRIVY_USERNAME and TRIVY_PASSWORD.
@@ -81,7 +68,7 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           # Path to Docker image
-          image-ref: "ghcr.io/catenax-ng/irs-api:${{ steps.version.outputs.image_tag }} "
+          image-ref: "ghcr.io/catenax-ng/irs-api:latest"
           format: "sarif"
           output: "trivy-results2.sarif"
           exit-code: "1"