ci/security: make trivy fail on CRITICALs only (#207)

* ci/security: make trivy fail on CRITICALs only * ci/snyk: adjust threshold to critical
newrelic · Jul 15, 2022 · 3fcc95a · 3fcc95a
1 parent 065ccd7
commit 3fcc95a
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -39,12 +39,12 @@ jobs:
           format: table
           exit-code: 1
           ignore-unfixed: true
-          severity: CRITICAL,HIGH
+          severity: CRITICAL
 
       - name: Run Snyk to check Docker image for vulnerabilities
         uses: snyk/actions/docker@master
         env:
           SNYK_TOKEN: ${{ secrets.CAOS_SNYK_TOKEN }}
         with:
           image: ${{ env.DOCKER_IMAGE }}:${{ env.DOCKER_IMAGE_TAG }}
-          args: --file=Dockerfile
+          args: --file=Dockerfile --severity-threshold=critical