Skip to content

Commit

Permalink
chore(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.26.0
Browse files Browse the repository at this point in the history 
This is the version that includes storing artifacts in cache by default, and that should alleviate the rate limiting issues.
  • Loading branch information
@eliflores
eliflores committed Oct 9, 2024
1 parent 6640ebb commit 4a734c2
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/pipeline.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ jobs:
- name: Run Trivy vulnerability scanner
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
with:
image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_IMAGE_NAME }}:${{ env.CONTAINER_IMAGE_VERSION }}
format: "sarif"
Expand All @@ -89,7 +89,7 @@ jobs:
- name: Generate cosign vulnerability scan record
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
with:
image-ref: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_IMAGE_NAME }}:${{ env.CONTAINER_IMAGE_VERSION }}
format: "cosign-vuln"
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scan.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
- name: Run Trivy vulnerability scanner
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
env:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -50,7 +50,7 @@ jobs:
- name: Generate cosign vulnerability scan record
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb
env:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
Expand Down

0 comments on commit 4a734c2

Please sign in to comment.