Skip to content
Trivy Analysis

fix: Update dependencies to resolve OIDC warnings. #79

Sign in to view logs

fix: Update dependencies to resolve OIDC warnings.

fix: Update dependencies to resolve OIDC warnings. #79

Workflow file for this run

.github/workflows/trivy.yaml at 7ca8978
name: Trivy Analysis
on:
push:
permissions:
contents: read
security-events: write
jobs:
trivy:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
# v0.35.0
uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
with:
scan-type: config
ignore-unfixed: true
skip-dirs: "**/*/.terraform"
exit-code: 1
format: sarif
output: trivy-results.sarif
- name: Parse SARIF file for annotations
if: always()
uses: Miragon/sarif-report-parse@v1.0.4
with:
severity-level: low
sarif-file: trivy-results.sarif
# When run on main, upload the SARIF file to GitHub.
- name: Upload SARIF result
if: always() && github.ref == 'refs/heads/main'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: trivy-results.sarif