Configure Trivy

Author: gaggle

.github/workflows/ci-cd.yml

@@ -43,11 +43,13 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: ${{ env.IMAGE_NAME }}
+          exit-code: '1'
           format: 'sarif'
+          ignore-unfixed: true
+          image-ref: ${{ env.IMAGE_NAME }}
           output: 'trivy-results.sarif'
-          exit-code: '1'
           severity: 'MEDIUM,HIGH,CRITICAL'
+          vuln-type: library
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
         if: always()