Merge pull request opendatahub-io#614 from caponetto/allow-trivy-seve…

…rities Enable all severities on the Trivy daily report
odh-on-pz · Jul 11, 2024 · 832677a · 832677a
2 parents 0cb7484 + f284774
commit 832677a
Showing 1 changed file with 0 additions and 7 deletions.
diff --git a/.github/workflows/build-notebooks-TEMPLATE.yaml b/.github/workflows/build-notebooks-TEMPLATE.yaml
@@ -168,12 +168,6 @@ jobs:
           IMAGE_NAME=${{ steps.resolve-image.outputs.image }}
           echo "Scanning $IMAGE_NAME"
 
-          SEVERITY_OPTION=""
-          # Report only higher vulnerabilities if not a pull request
-          if [ "${{ fromJson(inputs.github).event_name }}" != "pull_request" ]; then
-            SEVERITY_OPTION="--severity CRITICAL,HIGH"
-          fi
-
           # have trivy access podman socket,
           # https://github.com/aquasecurity/trivy/issues/580#issuecomment-666423279
           podman run --rm \
@@ -185,7 +179,6 @@ jobs:
                 --podman-host /var/run/podman/podman.sock \
                 --scanners vuln --ignore-unfixed \
                 --exit-code 0 --timeout 30m \
-                $SEVERITY_OPTION \
                 --format template --template "@/report/$REPORT_TEMPLATE" -o /report/$REPORT_FILE \
                 $IMAGE_NAME