File tree Expand file tree Collapse file tree 1 file changed +41
-0
lines changed
Expand file tree Collapse file tree 1 file changed +41
-0
lines changed Original file line number Diff line number Diff line change 1+ name : Trivy Image Scanner
2+
3+ on :
4+ push :
5+ branches :
6+ - main
7+ schedule :
8+ - cron : 0 11 * * 2
9+
10+ permissions :
11+ contents : read
12+
13+ jobs :
14+ latest-scan :
15+ name : Scan Latest Image tag
16+ runs-on : ubuntu-latest
17+ steps :
18+
19+ - name : Pull image
20+ run : docker pull ghcr.io/antonbabenko/pre-commit-terraform:latest
21+
22+ - name : Run Trivy vulnerability scanner
23+ uses : aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # v0.32.0
24+ with :
25+ image-ref : ghcr.io/antonbabenko/pre-commit-terraform:latest
26+ exit-code : ' 1'
27+ ignore-unfixed : true
28+
29+ nightly-scan :
30+ name : Scan Nightly Image tag
31+ runs-on : ubuntu-latest
32+ steps :
33+ - name : Pull image
34+ run : docker pull ghcr.io/antonbabenko/pre-commit-terraform:nightly
35+
36+ - name : Run Trivy vulnerability scanner
37+ uses : aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # v0.32.0
38+ with :
39+ image-ref : ghcr.io/antonbabenko/pre-commit-terraform:nightly
40+ exit-code : ' 1'
41+ ignore-unfixed : true
You can’t perform that action at this time.
0 commit comments