Added vulnerability scanner

This commit is contained in:
Alexey Pustovalov 2024-07-24 18:29:09 +09:00
parent 7a9e42a895
commit 50ebc1abbc


@ -389,6 +389,16 @@ jobs:
cache-from: ${{ steps.cache_data.outputs.cache_from }} cache-from: ${{ steps.cache_data.outputs.cache_from }}
cache-to: ${{ steps.cache_data.outputs.cache_to }} cache-to: ${{ steps.cache_data.outputs.cache_to }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.20.0
with:
image-ref: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
- name: Sign the images with GitHub OIDC Token - name: Sign the images with GitHub OIDC Token
if: ${{ env.AUTO_PUSH_IMAGES == 'true' }} if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}
env: env:
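Review bot: The added step references `aquasecurity/trivy-action@0.20.0` by tag, and a tag can be moved upstream, so this file does not fix which code runs in the same job as the OIDC signing step. Pin the action to a full commit SHA and keep the version as a comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # 0.20.0`. The scan also targets `tags[0]` rather than the digest of the image that was just built, so the scanned image and the signed image are not guaranteed to be the same artifact. The scan appears to sit after the build step; if that step already pushes, a failure from `exit-code: '1'` would skip signing but leave the flagged image in the registry, which should be checked against the part of the job outside this hunk. The signing step that follows continues beyond the visible lines.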