Skip to content

Commit

Permalink
💚 [maykinmedia/objects-api#463] Temporarily disable Trivy in CI
Browse files Browse the repository at this point in the history
  • Loading branch information
stevenbal committed Oct 3, 2024
1 parent d03fd1b commit dc1e6ba
Showing 1 changed file with 22 additions and 22 deletions.
44 changes: 22 additions & 22 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -162,28 +162,28 @@ jobs:
path: image.tar
retention-days: 1

image_scan:
runs-on: ubuntu-latest
name: Scan docker image
needs:
- docker

steps:
- name: Download built image
uses: actions/download-artifact@v3
with:
name: docker-image
- name: Scan image with Trivy
uses: aquasecurity/trivy-action@master
with:
input: /github/workspace/image.tar # from download-artifact
format: 'sarif'
output: 'trivy-results-docker.sarif'
ignore-unfixed: true
- name: Upload results to GH Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results-docker.sarif'
# image_scan:
# runs-on: ubuntu-latest
# name: Scan docker image
# needs:
# - docker

# steps:
# - name: Download built image
# uses: actions/download-artifact@v3
# with:
# name: docker-image
# - name: Scan image with Trivy
# uses: aquasecurity/trivy-action@master
# with:
# input: /github/workspace/image.tar # from download-artifact
# format: 'sarif'
# output: 'trivy-results-docker.sarif'
# ignore-unfixed: true
# - name: Upload results to GH Security tab
# uses: github/codeql-action/upload-sarif@v3
# with:
# sarif_file: 'trivy-results-docker.sarif'

publish:
needs:
Expand Down

0 comments on commit dc1e6ba

Please sign in to comment.