1. CI - Pull Request

CCM-13343: Trivy Package and Library Scans #2116

Sign in to view logs

Re-run triggered December 18, 2025 13:01

jamesthompson26-nhs

#312

feature/CCM-13343_Trivy_Package_and_Library_Scans

Status Failure

Total duration 1m 45s

Artifacts 3

cicd-1-pull-request.yaml

on: pull_request

Set CI/CD metadata

Commit stage / Scan secrets

Commit stage / Check file format

Commit stage / Check Markdown format

Commit stage / Check English usage

Commit stage / Check TODO usage

Commit stage / Trivy Package Scan

Commit stage / Count lines of code

Commit stage / Scan dependencies

Commit stage / Check for changes to event schema package compared to main branch

Commit stage / Detect Terraform Changes

Commit stage / Check event schema version has been updated

Commit stage / Check for event schemas package version change

Commit stage / Run terraform-docs

Commit stage / Lint Terraform

Commit stage / Trivy IaC Scan

Test stage / Check generated dependencies

Test stage / Linting

Test stage / Typecheck

Test stage / Unit tests

Test stage / Perform static analysis

Test stage / Test coverage

Build stage / Build Docs

Build stage / Build SDKs

Build stage / Create Dynamic Environment

Build stage / Build proxies

Acceptance stage / Contract test

Publish stage / Publish packages

Publish stage / Publish npm packages to npm.pkg.github.com

Publish stage / Publish nuget packages to nuget.pkg.github.com

Publish stage / Success notification

Annotations

1 error

Commit stage / Scan secrets

Process completed with exit code 1.

Artifacts

Produced during runtime

Name	Size	Digest
lines-of-code-report.json.zip	961 Bytes	`sha256:b943a381fc65193e24081e9cae6ba435ecb9aea79cdc23948bf7c5c4ff2a54d2`
sbom-repository-report.json.zip	232 KB	`sha256:82cf2d6c2950fec8a106b63f3b2b35592c984afac1454f5f1149816d1e66e16c`
vulnerabilities-repository-report.json.zip	2.24 KB	`sha256:73e515be88fbd8496b8a8dbe608b0af85f11747db9fe86fe920a502d9f47fa2d`