From bcdde3e4b1a3d4d06e53217ddbad260efb8a2824 Mon Sep 17 00:00:00 2001
From: Casey Waldren <cwaldren@launchdarkly.com>
Date: Thu, 14 Mar 2024 10:56:49 -0700
Subject: [PATCH] ci: use explicit relay version tag in Trivy Scan step

---
 .github/workflows/ci.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 13d78de1..d04d7d1f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -59,9 +59,13 @@ jobs:
           platforms: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/386
       - name: Build Docker Images
         run: make products-for-release
+      - name: Get current Relay version
+        id: image-tag
+        run:
+          echo "value=$(jq -r '.version' < dist/metadata.json)" >> $GITHUB_OUTPUT
       - uses: aquasecurity/trivy-action@master
         with:
-          image-ref: launchdarkly/ld-relay:latest
+          image-ref: launchdarkly/ld-relay:${{ steps.image-tag.outputs.value }}-amd64
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true