fix(config): Drop mixing of options with yaml config. #148

Merged
merged 1 commit into from Jul 29, 2022

@simar7 simar7 commented Jul 22, 2022

Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: #147

Signed-off-by: Simar <simar@linux.com>

@simar7 simar7 requested a review from krol3 Jul 22, 2022
It is possible to define all options in the `trivy.yaml` file. Specifying individual options via the action are left for backward compatibility purposes.
It is possible to define all options in the `trivy.yaml` file. Specifying individual options via the action are left for backward compatibility purposes. Defining the following is required as they cannot be defined with the config file:
- `scan-ref`: If using `fs, repo` scans.
- `image-ref`: If using `image` scan.
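
Review bot: two wording problems in the added README text. In the first sentence, "Specifying individual options via the action are left" has a singular subject, so it should read "is left". In the `scan-ref` bullet, `fs, repo` puts two scan types inside one code span, which reads as a single literal value; write them as `fs` or `repo`.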

@flaxel flaxel Jul 23, 2022

But I guess you can also use input and must not define an image ref? 🤔 Maybe you could also update the action.yaml file, so the image-ref is not required.

README.md Outdated
uses: aquasecurity/trivy-action@add-support-for-trivy-config
with:
scan-type: 'fs'
ignore-unfixed: true
scan-ref: '.'
trivy-config: ./trivy.yaml
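
Review bot: the example step sets `ignore-unfixed: true` inline while also passing `trivy-config: ./trivy.yaml`, which is the mixing this PR's title says it drops. Since the README text says all options can be defined in `trivy.yaml`, either move `ignore-unfixed` into the config file or state in the example which value applies when both are given.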

@flaxel flaxel Jul 23, 2022

NIT:

Suggested change
trivy-config: ./trivy.yaml
trivy-config: trivy.yaml

README.md Outdated
@@ -66,11 +66,11 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2

@flaxel flaxel Jul 23, 2022

Could you also bump the versions of the actions/images? Example:

Suggested change
uses: actions/checkout@v2
uses: actions/checkout@v3

README.md Outdated
@@ -66,11 +66,11 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2

- name: Run Trivy vulnerability scanner in repo mode
- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@add-support-for-trivy-config
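
Review bot: the `uses:` line of the fs-mode step references the branch `add-support-for-trivy-config` rather than a fixed version. README examples get copied into workflows, and a branch ref resolves to whatever the branch points at when the job runs, so the scanned pipeline would execute code that can change without the workflow file changing. Reference a release tag or a full commit SHA in the example instead.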

@flaxel flaxel Jul 23, 2022

Could you use a release for this action instead of the branch? 🤔 Example:

Suggested change
uses: aquasecurity/trivy-action@add-support-for-trivy-config
uses: aquasecurity/trivy-action@0.6.0

flaxel commented Jul 23, 2022

Thanks for the fast fix! 💙

krol3 approved these changes Jul 27, 2022

@krol3 krol3 left a comment

Locally I tested! LGTM

@simar7 simar7 merged commit 5144f05 into master Jul 29, 2022
3 checks passed
@simar7 simar7 deleted the config-options-fix branch Jul 29, 2022