Skip to content

Commit

Permalink
feat(deps): update wetransform/gha-trivy action to v2
Browse files Browse the repository at this point in the history 
Includes generating SBOM in CycloneDX format.
  • Loading branch information
@we-renovate @stempler
we-renovate[bot] authored and stempler committed Jun 20, 2024
1 parent 7b16a5f commit fffeaac
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/dockerfile.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ jobs:
labels: ${{ steps.meta.outputs.labels }}

- name: Vulnerability check
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
with:
image-ref: "${{ inputs.image }}:${{ inputs.tag }}"
create-test-report: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/gradle-library.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ jobs:
run: mkdir -p ${{ inputs.multi-module && 'trivy-gha-scan/build/test-results' || 'build/test-results' }}

- name: Vulnerability scan
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
with:
junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
report-retention-days: 30
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/gradle-service.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,15 +110,15 @@ jobs:
run: mkdir -p ${{ inputs.multi-module && 'trivy-gha-scan/build/test-results' || 'build/test-results' }}

- name: Vulnerability scan
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
with:
image-ref: 'docker.io/${{ inputs.image-tag }}'
junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
report-retention-days: 30
report-tag: ${{ inputs.image-tag }}

- name: Vulnerability scan (Image 2)
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
if: ${{ inputs.image-tag-2 != '' }}
with:
image-ref: 'docker.io/${{ inputs.image-tag-2 }}'
Expand All @@ -127,7 +127,7 @@ jobs:
report-tag: ${{ inputs.image-tag-2 }}

- name: Vulnerability scan (Image 3)
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
if: ${{ inputs.image-tag-3 != '' }}
with:
image-ref: 'docker.io/${{ inputs.image-tag-3 }}'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/play-service.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ jobs:
run: mkdir -p ${{ inputs.junit-test-folder }}

- name: Vulnerability scan
uses: wetransform/gha-trivy@760b666e0603bc58978d2830de6e5e6ce8ac5dc0 # v1.1.1
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
with:
image-ref: 'docker.io/${{ inputs.image-tag }}'
junit-test-output: "${{ inputs.junit-test-folder }}/trivy.xml" # added to unit test report
Expand Down

0 comments on commit fffeaac

Please sign in to comment.