Skip to content
CI

build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.13.0 #1296

Sign in to view logs

build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.13.0

build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.13.0 #1296

Workflow file for this run

.github/workflows/ci.yml at f92e86a
name: CI
on:
push:
branches:
- main
paths-ignore:
- examples/**
pull_request:
branches:
- main
paths-ignore:
- examples/**
permissions: { }
jobs:
licensecheck:
name: License Check
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Check license headers
uses: apache/skywalking-eyes@438e4ea5682269933ea2c8b5608662e52af26959 # tag=v0.4.0
with:
config: .licenserc.yml
lint:
name: Lint
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Setup Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # tag=v4.1.0
with:
go-version: "1.20"
check-latest: true
- name: Run golangci-lint
uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # tag=v3.7.0
with:
version: latest
- name: Scan Dockerfiles
uses: aquasecurity/trivy-action@b77b85c0254bba6789e787844f0585cde1e56320 # tag=0.13.0
with:
scan-type: config
skip-files: "Dockerfile.examples,Dockerfile.gitpod"
severity: "MEDIUM,HIGH,CRITICAL"
exit-code: "1"
test:
name: Test
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Setup Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # tag=v4.1.0
with:
go-version: "1.20"
check-latest: true
- name: Setup CycloneDX CLI
run: |
mkdir -p "$HOME/.local/bin"
echo "$HOME/.local/bin" >> $GITHUB_PATH
wget -O "$HOME/.local/bin/cyclonedx" https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.24.2/cyclonedx-linux-x64
echo "ef0d3b31d176e02bc594f83e19cfcea053c6bc5b197351f71696e189390f851d $HOME/.local/bin/cyclonedx" | sha256sum -c
chmod +x "$HOME/.local/bin/cyclonedx"
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1
- name: Test
run: make test