mirror of
https://github.com/coredns/coredns.git
synced 2025-10-27 16:24:19 -04:00
Fix trivy scan (#5967)
This PR fixes trivy scan caused by recent change in upsteam Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This commit is contained in:
Yong Tang
GitHub
9
.github/workflows/trivy-scan.yaml
vendored
9
.github/workflows/trivy-scan.yaml
vendored
@@ -1,7 +1,7 @@
|
|||||||
name: Trivy Nightly Scan
|
name: Trivy Nightly Scan
|
||||||
on:
|
on:
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '0 2 * * 5' #Run at 2AM UTC on every Friday
|
- cron: '0 2 * * 5' # Run at 2AM UTC on every Friday
|
||||||
|
|
||||||
permissions: read-all
|
permissions: read-all
|
||||||
jobs:
|
jobs:
|
||||||
@@ -20,15 +20,14 @@ jobs:
|
|||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
- name: Run Trivy vulnerability scanner
|
- name: Run Trivy vulnerability scanner
|
||||||
uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # master
|
uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # master
|
||||||
with:
|
with:
|
||||||
image-ref: 'docker.io/coredns/coredns:${{ matrix.versions }}'
|
image-ref: 'docker.io/coredns/coredns:${{ matrix.versions }}'
|
||||||
severity: 'CRITICAL,HIGH'
|
severity: 'CRITICAL,HIGH'
|
||||||
format: 'template'
|
format: 'sarif'
|
||||||
template: '@/contrib/sarif.tpl'
|
|
||||||
output: 'trivy-results.sarif'
|
output: 'trivy-results.sarif'
|
||||||
|
|
||||||
- name: Upload Trivy scan results to GitHub Security tab
|
- name: Upload Trivy scan results to GitHub Security tab
|
||||||
uses: github/codeql-action/upload-sarif@16964e90ba004cdf0cd845b866b5df21038b7723 # v2.2.6
|
uses: github/codeql-action/upload-sarif@16964e90ba004cdf0cd845b866b5df21038b7723 # v2.2.6
|
||||||
with:
|
with:
|
||||||
sarif_file: 'trivy-results.sarif'
|
sarif_file: 'trivy-results.sarif'
|
||||||
|
|||||||
Reference in New Issue
Block a user