This repository has been archived by the owner on Jun 29, 2021. It is now read-only.
forked from lazy-actions/gitrivy

Trivy with GitHub Actions

dataswift/gha-trivy

GitHub Actions - Trivy


This is a GitHub Action that scans a container image for vulnerabilities using Trivy.
If Trivy finds vulnerabilities, the action creates a GitHub Issue like the one shown below.

[Screenshot: the GitHub Issue created by the action when vulnerabilities are found]

Usage

Inputs

| Parameter | Required | Default Value | Description |
| --- | --- | --- | --- |
| trivy_version | False | latest | Trivy version |
| image | True | N/A | The target image name to scan for vulnerabilities. Specify this parameter or the IMAGE_NAME environment variable. |
| severity | False | HIGH,CRITICAL | Severities of vulnerabilities to report (comma-separated) |
| vuln_type | False | os,library | Scan targets: os and/or library (comma-separated) |
| ignore_unfixed | False | false | Ignore vulnerabilities that have no fix available yet. Specify true or false. |
| issue | False | true | Whether to create an issue when Trivy finds vulnerabilities. Specify true or false. |
| token | True if issue is true, else False | N/A | GitHub Access Token. ${{ secrets.GITHUB_TOKEN }} is recommended. |
| issue_title | False | Security Alert | Issue title |
| issue_label | False | trivy,vulnerability | Issue labels (comma-separated) |
| issue_assignee | False | N/A | Issue assignees (comma-separated) |
| fail_on_vulnerabilities | False | false | Whether the action should fail if any vulnerabilities were found. |

Outputs

| Parameter | Description |
| --- | --- |
| html_url | The URL of the created issue |
| issue_number | The number of the created issue |

Example Workflow

Scan your Docker image for vulnerabilities every day at 9:00 (UTC).

```yaml
name: Vulnerability Scan

on:
  schedule:
    - cron: '0 9 * * *'

jobs:
  scan:
    name: Daily Vulnerability Scan
    runs-on: ubuntu-18.04
    steps:
      - name: Pull docker image
        run: docker pull sample

      - uses: dataswift/gha-trivy@v3.0.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          image: sample
```
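The minimal workflow above relies on the defaults for every input. The following workflow is an added example, not part of the original README, that exercises the documented inputs and outputs together: it builds the image from the repository, reports only CRITICAL findings that already have a fix, fails the job so a pull-request check goes red, and echoes the URL of the created issue. The image tag `myorg/myapp:ci`, the presence of a Dockerfile at the repository root, and the step id `trivy` are assumptions made for this example.

```yaml
name: Vulnerability Scan

on:
  schedule:
    - cron: '0 9 * * *'
  pull_request:   # also gate pull requests on the scan result

jobs:
  scan:
    name: Scan built image
    runs-on: ubuntu-18.04
    steps:
      - uses: actions/checkout@v2

      # Assumption: a Dockerfile exists at the repository root; the tag is a placeholder.
      - name: Build image
        run: docker build -t myorg/myapp:ci .

      - name: Scan with Trivy
        id: trivy
        uses: dataswift/gha-trivy@v3.0.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          image: myorg/myapp:ci
          severity: CRITICAL               # report only what must be fixed now
          vuln_type: os,library            # scan both OS packages and language libraries
          ignore_unfixed: true             # skip findings with no upstream fix yet
          issue_title: 'Security Alert: myorg/myapp'
          issue_label: trivy,vulnerability,security
          fail_on_vulnerabilities: true    # fail the job so the PR check goes red

      # Runs even when the scan step failed, so the issue link still lands in the job log.
      - name: Report issue URL
        if: always()
        run: |
          if [ -n "${{ steps.trivy.outputs.html_url }}" ]; then
            echo "Vulnerabilities tracked in ${{ steps.trivy.outputs.html_url }}"
          fi
```

The `if: always()` on the last step matters because `fail_on_vulnerabilities: true` marks the scan step as failed, which would otherwise skip every step after it. Note also that the automatic `GITHUB_TOKEN` is read-only for pull requests opened from forks, so issue creation will not succeed on those runs; the scheduled run still has write access and will file the issue.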
