Skip to content

Commit

Permalink
chore(ci): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#102)
Browse files Browse the repository at this point in the history
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.28.0 to 0.29.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@0.28.0...0.29.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
dependabot[bot] authored Nov 23, 2024
1 parent ab93c02 commit 2f447f7
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/release-container.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ jobs:
DOCKER_CONTENT_TRUST: 1

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
Expand All @@ -152,7 +152,7 @@ jobs:
output: 'trivy.json'

- name: Convert trivy results to sarif
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: trivy.json
scan-type: 'convert'
Expand Down Expand Up @@ -201,7 +201,7 @@ jobs:
TAGS: ${{ steps.meta.outputs.tags }}

- name: Convert trivy results to CycloneDX
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: trivy.json
scan-type: 'convert'
Expand All @@ -217,7 +217,7 @@ jobs:
if: github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v')

- name: Convert trivy results to cosign-vuln
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: trivy.json
scan-type: 'convert'
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/schedule-trivy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
uses: sigstore/cosign-installer@v3.7.0

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
Expand All @@ -49,7 +49,7 @@ jobs:
output: 'trivy.json'

- name: Convert trivy results to sarif
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: trivy.json
scan-type: 'convert'
Expand All @@ -67,7 +67,7 @@ jobs:
sarif_file: 'trivy.sarif'

- name: Convert trivy results to cosign-vuln
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: trivy.json
scan-type: 'convert'
Expand Down

0 comments on commit 2f447f7

Please sign in to comment.