-
Notifications
You must be signed in to change notification settings - Fork 341
31 lines (26 loc) · 739 Bytes
/
trivy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
name: Trivy
on:
push:
branches:
- "main"
schedule:
- cron: '55 17 * * 5'
permissions:
contents: read
jobs:
image-scan:
permissions:
contents: read # for actions/checkout to fetch code
name: Image Scan
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Build an image from Dockerfile
run: |
IMAGE=envoy-proxy/gateway-dev TAG=${{ github.sha }} make image
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0
with:
image-ref: envoy-proxy/gateway-dev:${{ github.sha }}
exit-code: '1'