|
@@ -73,7 +73,7 @@ jobs:
|
|
|
run: docker build -t bambuddy:security-scan .
|
|
run: docker build -t bambuddy:security-scan .
|
|
|
|
|
|
|
|
- name: Run Trivy vulnerability scanner
|
|
- name: Run Trivy vulnerability scanner
|
|
|
- uses: aquasecurity/trivy-action@v0.33.1
|
|
|
|
|
|
|
+ uses: aquasecurity/trivy-action@0.33.1
|
|
|
with:
|
|
with:
|
|
|
image-ref: 'bambuddy:security-scan'
|
|
image-ref: 'bambuddy:security-scan'
|
|
|
format: 'sarif'
|
|
format: 'sarif'
|
|
@@ -88,7 +88,7 @@ jobs:
|
|
|
category: trivy
|
|
category: trivy
|
|
|
|
|
|
|
|
- name: Run Trivy for Dockerfile/IaC
|
|
- name: Run Trivy for Dockerfile/IaC
|
|
|
- uses: aquasecurity/trivy-action@v0.33.1
|
|
|
|
|
|
|
+ uses: aquasecurity/trivy-action@0.33.1
|
|
|
with:
|
|
with:
|
|
|
scan-type: 'config'
|
|
scan-type: 'config'
|
|
|
scan-ref: '.'
|
|
scan-ref: '.'
|
maziggy