Remove commented-out Trivy scan result upload and adjust Trivy action configuration

dv-hossam-radwan · dv-hossam-radwan · commit 0f7c2ba83a08 · 2025-04-15T13:52:43.000+02:00
diff --git a/.github/workflows/build-docker-artifacts.yml b/.github/workflows/build-docker-artifacts.yml
@@ -240,21 +240,13 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ${{ vars.DV_AWS_ECR_REGISTRY }}/${{ matrix.component.ecr_repository }}:${{ matrix.component.image_tag }}
-          # format: 'sarif'
-          # output: ${{ matrix.component.flavor_directory }}/${{ matrix.component.directory }}/trivy-results.sarif
           format: 'table'
           exit-code: '1'
           ignore-unfixed: false
           vuln-type: 'os,library'
           severity: 'MEDIUM,HIGH,CRITICAL'
         continue-on-error: false 
 
-      # - name: Upload Trivy scan results
-      #   uses: github/codeql-action/upload-sarif@v2
-      #   with:
-      #     sarif_file: ${{ matrix.component.flavor_directory }}/${{ matrix.component.directory }}/trivy-results.sarif
-
-
       - name: Push image
         uses: docker/build-push-action@v6
         with:
