Security Scan with OWASP Dependency Check and Trivy #2

Workflow file for this run

name: Security Scan
on:
  schedule:
    - cron: '0 0 * * 1' # Runs every Monday at midnight
  workflow_dispatch:
jobs:
  dependency-check:
    name: Check Vulnerabilities
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
          java-version: '17'
      - name: Run OWASP Dependency Check
        uses: dependency-check/Dependency-Check_Action@main
        with:
          project: "MyJavaProject"
          path: "pom.xml"
          format: "HTML, JSON"
          out: "reports"
      - name: Upload dependency check report
        uses: actions/upload-artifact@v3
        with:
          name: dependency-check-report
          path: reports
  trivy-scan:
    name: Scan with Trivy
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Install Trivy
        run: |
          sudo apt-get install wget -y
          wget https://github.com/aquasecurity/trivy/releases/download/v0.46.0/trivy_0.46.0_Linux-64bit.tar.gz # Link updated to the correct version
          tar -xzf trivy_0.46.0_Linux-64bit.tar.gz
          sudo mv trivy /usr/local/bin/
      - name: Run Trivy on project
        run: trivy fs --exit-code 1 --severity HIGH,CRITICAL .