Commit

Add Trivy vulnerability scanning and publishing task
0GiS0 committed Apr 25, 2024
1 parent 3e49f0f commit 97da128
Showing 3 changed files with 305 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .ado/templates/trivy.yml
Expand Up @@ -26,7 +26,7 @@ jobs:
displayName: "Trivy vulnerability scanner in docker mode"
inputs:
script: |
trivy image ${{ parameters.IMAGE_NAME }} --exit-code 0 --format sarif ${{ parameters.working_directory }} > $(Build.ArtifactStagingDirectory)/trivy-results.sarif
trivy image ${{ parameters.IMAGE_NAME }} --exit-code 0 --format sarif > $(Build.ArtifactStagingDirectory)/trivy-results.sarif
- task: PublishBuildArtifacts@1
inputs:
PathtoPublish: "$(Build.ArtifactStagingDirectory)/trivy-results.sarif"
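Review bot: The changed `trivy image` line keeps `--exit-code 0`, so this step succeeds whatever the scanner finds and the job only publishes the SARIF file. If the pipeline is meant to gate on findings, use `--exit-code 1` together with `--severity` for the levels that should block; if report-only is the intent, say so in the `displayName`. Removing the `${{ parameters.working_directory }}` argument is correct for `trivy image`, but `${{ parameters.IMAGE_NAME }}` is still expanded unquoted into the inline script, so wrap it in double quotes, and drop the `working_directory` parameter from the template if no other step uses it.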
1 change: 1 addition & 0 deletions steps.sh
Expand Up @@ -6,6 +6,7 @@ docker run -p 8080:80 apache

# Trivy
trivy image apache
trivy image apache --exit-code 0 --format sarif > trivy-results.sarif

# Snyk
snyk auth
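Review bot: The added `trivy image apache ... > trivy-results.sarif` line scans `apache` with no tag or digest, so the report depends on whichever image that name resolves to when the command runs; pin the reference to a tag or digest so the SARIF output can be tied to a specific image. `--exit-code 0` is Trivy's default and can be dropped here, and the line above already scans the same image, so a single invocation would do unless both the table and the SARIF output are wanted. The report is written into the current directory; add `trivy-results.sarif` to `.gitignore` if it is not meant to be committed.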

0 comments on commit 97da128
