From 24e9f2be3b32e449ffdd27be836a802aff6499e0 Mon Sep 17 00:00:00 2001 From: holomekc <30546982+holomekc@users.noreply.github.com> Date: Mon, 1 Apr 2024 06:17:22 +0200 Subject: [PATCH] docker-image-scan.yml aktualisieren --- .github/workflows/docker-image-scan.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-image-scan.yml b/.github/workflows/docker-image-scan.yml index 3a8c61ea71..51dab3ce29 100644 --- a/.github/workflows/docker-image-scan.yml +++ b/.github/workflows/docker-image-scan.yml @@ -95,7 +95,7 @@ jobs: hide-progress: true cache-dir: .trivy github-pat: ${{ secrets.GITHUB_TOKEN }} - - name: Run Trivy json result + - name: Run Trivy json result alpine uses: aquasecurity/trivy-action@0.19.0 with: image-ref: 'docker.io/holomekc/wiremock-gui:${{ steps.extract-version.outputs.version }}-alpine' @@ -107,7 +107,7 @@ jobs: severity: 'CRITICAL,HIGH' hide-progress: true cache-dir: .trivy - - name: Run Trivy sarif result + - name: Run Trivy sarif result alpine uses: aquasecurity/trivy-action@0.19.0 with: image-ref: 'docker.io/holomekc/wiremock-gui:${{ steps.extract-version.outputs.version }}-alpine' @@ -120,7 +120,7 @@ jobs: limit-severities-for-sarif: true hide-progress: true cache-dir: .trivy - - name: Run Trivy sbom result + - name: Run Trivy sbom result alpine uses: aquasecurity/trivy-action@0.19.0 with: image-ref: 'docker.io/holomekc/wiremock-gui:${{ steps.extract-version.outputs.version }}-alpine' @@ -146,7 +146,7 @@ jobs: echo "result=${code}" >> $GITHUB_OUTPUT cat trivy-result.sarif - - name: Check result + - name: Check result alpine id: trivy-result-alpine shell: bash run: | @@ -160,6 +160,10 @@ jobs: uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'trivy-result.sarif' + - name: Upload Trivy alpine scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-result-alpine.sarif' docker: needs: [scan]