Fixes #1642: Temporarily comment out Trivy scans

skupperproject · Oct 21, 2024 · 47535aa · 47535aa
1 parent 3222d6f
commit 47535aa
Showing 1 changed file with 12 additions and 12 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -1010,18 +1010,18 @@ jobs:
 
       # Trivy and Grype are the scanners that GitLab integrates with (at the time of writing)
 
-      - name: Run Trivy security scan on the image
-        if: ${{ ! cancelled() }}
-        # https://aquasecurity.github.io/trivy/v0.43/getting-started/installation/#use-container-image
-        run: |
-          podman run --rm \
-            -v ${PODMAN_SOCK}:/var/run/docker.sock \
-            -v ${{github.workspace}}:${{github.workspace}} \
-            docker.io/aquasec/trivy:latest \
-              image \
-              --scanners vuln,secret --ignore-unfixed --exit-code=1 \
-              --secret-config=${{github.workspace}}/.github/trivy-secret.yaml \
-              ${{ env.ImageName }}
+#      - name: Run Trivy security scan on the image
+#        if: ${{ ! cancelled() }}
+#        # https://aquasecurity.github.io/trivy/v0.43/getting-started/installation/#use-container-image
+#        run: |
+#          podman run --rm \
+#            -v ${PODMAN_SOCK}:/var/run/docker.sock \
+#            -v ${{github.workspace}}:${{github.workspace}} \
+#            docker.io/aquasec/trivy:latest \
+#              image \
+#              --scanners vuln,secret --ignore-unfixed --exit-code=1 \
+#              --secret-config=${{github.workspace}}/.github/trivy-secret.yaml \
+#              ${{ env.ImageName }}
 
       - name: Run Grype security scan on the image
         if: ${{ ! cancelled() }}