Fix Trivy: run directly via docker instead of action to avoid exit code issues
This commit is contained in:
Anton
parent
36a706b627
commit
3ae2d2dee5
1 changed files with 7 additions and 6 deletions
13
.github/workflows/build.yaml
vendored
13
.github/workflows/build.yaml
vendored
|
|
@ -61,12 +61,13 @@ jobs:
|
||||||
version=${{ needs.resolve-version.outputs.version }}
|
version=${{ needs.resolve-version.outputs.version }}
|
||||||
|
|
||||||
- name: Run Trivy vulnerability scan
|
- name: Run Trivy vulnerability scan
|
||||||
uses: aquasecurity/trivy-action@0.30.0
|
continue-on-error: true
|
||||||
with:
|
run: |
|
||||||
image-ref: "protonmail-bridge:test"
|
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
format: 'table'
|
aquasec/trivy:latest image \
|
||||||
exit-code: 0
|
--severity CRITICAL,HIGH \
|
||||||
severity: 'CRITICAL,HIGH'
|
--exit-code 0 \
|
||||||
|
protonmail-bridge:test
|
||||||
|
|
||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue