Feat: Add trivy vulnerability scan and upload report via github workflow

mrajagopal · mrajagopal · commit 36d1e3e4b05d · 2025-06-13T22:32:27.000+12:00
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -31,5 +31,16 @@ jobs:
           push: true
           tags: ghcr.io/nginx/nginx-utils:latest
 
+  # Step 5: Install Trivy for Vulnerability Scanning
+      - name: Install Trivy
+        uses: aquasecurity/trivy-action@v0.11.0
+        with:
+          image-ref: ghcr.io/${{ github.repository_owner }}/nginx-utils:latest
+          format: json
+          output: vuln-report.json
 
-
+      - name: Upload Vulnerability Report
+        uses: actions/upload-artifact@v3
+        with:
+          name: vuln-report
+          path: vuln-report.json
