Skip to content

Commit

Permalink
[CI] Add Trivy vulnerables check
Browse files Browse the repository at this point in the history 
Signed-off-by: v.oleynikov <vasily.oleynikov@flant.com>
  • Loading branch information
@duckhawk
duckhawk committed Aug 20, 2024
1 parent 368ba5e commit e0b5812
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 0 deletions.
23 changes: 23 additions & 0 deletions .github/workflows/trivy_check.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Trivy check for sub repos

on:
pull_request:
push:
branches:
- main

jobs:
test:
name: Trivy check for sub repos
runs-on: [self-hosted, regular]

steps:
- name: Checkout repository
uses: actions/checkout@v2

- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
trivy-config: trivy.yaml
2 changes: 2 additions & 0 deletions trivy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
format: table
exit-code: 1

0 comments on commit e0b5812

Please sign in to comment.