Skip to content

SCA Trivy

SCA Trivy #24

Workflow file for this run

name: "SCA Trivy"
on:
workflow_dispatch:
schedule:
- cron: '39 3 * * 1'
jobs:
scan:
name: 'SCA Trivy'
runs-on: ubuntu-latest
steps:
- name: Download Code
uses: actions/checkout@v2
- name: SCA IAC
uses: aquasecurity/trivy-action@master
with:
scan-type: 'config'
hide-progress: false
exit-code: "1"
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: SCA Dependencies
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
hide-progress: false
exit-code: "1"
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Generate Image
run: |
docker build -t temp .
docker save -o vuln-image.tar temp
- name: SCA Image
uses: aquasecurity/trivy-action@master
with:
input: /github/workspace/vuln-image.tar
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'