From 1258e3b2f20a91d77eaf99874002d1aab99a7b60 Mon Sep 17 00:00:00 2001
From: Yong Tang <yong.tang.github@outlook.com>
Date: Mon, 13 Mar 2023 11:31:24 -0700
Subject: [PATCH] Fix trivy scan (#5967)

This PR fixes trivy scan caused by recent change in upsteam

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
---
 .github/workflows/trivy-scan.yaml | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/trivy-scan.yaml b/.github/workflows/trivy-scan.yaml
index 24ef176d0..65586d067 100644
--- a/.github/workflows/trivy-scan.yaml
+++ b/.github/workflows/trivy-scan.yaml
@@ -1,7 +1,7 @@
 name: Trivy Nightly Scan
 on:
   schedule:
-    - cron: '0 2 * * 5'  #Run at 2AM UTC on every Friday
+    - cron: '0 2 * * 5'  # Run at 2AM UTC on every Friday
 
 permissions: read-all
 jobs:
@@ -20,15 +20,14 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v3
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # master
+        uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee  # master
         with:
           image-ref: 'docker.io/coredns/coredns:${{ matrix.versions }}'
           severity: 'CRITICAL,HIGH'
-          format: 'template'
-          template: '@/contrib/sarif.tpl'
+          format: 'sarif'
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@16964e90ba004cdf0cd845b866b5df21038b7723 # v2.2.6
+        uses: github/codeql-action/upload-sarif@16964e90ba004cdf0cd845b866b5df21038b7723  # v2.2.6
         with:
           sarif_file: 'trivy-results.sarif'