From 8b522267386abd7b2d72d5b00f07d7bc0e23a5a9 Mon Sep 17 00:00:00 2001
From: Lukas G <20104521+zLukas@users.noreply.github.com>
Date: Mon, 21 Oct 2024 17:05:11 +0200
Subject: [PATCH] CI: Update trivy.yml (#1001)

ci: reorder steps for trivy scans
---
 .github/workflows/trivy.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index a7f58b9e..772afc48 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -53,21 +53,22 @@ jobs:
           ignore-unfixed: true
           vuln-type: 'os,library'
           output: 'Trivy-image-scan-results.sarif'
+      - name: Upload Trivy scan results to GitHub Security tab
+        if: always()
+        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        with:
+          sarif_file: 'Trivy-image-scan-results.sarif'
       - name: Run Trivy vulnerability scanner with with table output
         if: always()
         uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
         with:
           image-ref: 'mtl:latest'
           format: 'table'
-          exit-code: '1'
+          exit-code: '0'
           ignore-unfixed: true
           vuln-type: 'os,library'
           output: 'Trivy-image-scan-results.txt'
-      - name: Upload Trivy scan results to GitHub Security tab
-        if: always()
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
-        with:
-          sarif_file: 'Trivy-image-scan-results.sarif'
+
       - uses: actions/upload-artifact@v4
         if: always()
         with: