added other all other docker nightly images to be scanned by trivy

eclipse-ditto · Sep 1, 2022 · 0963787 · 0963787
1 parent 221af9a
commit 0963787
Showing 1 changed file with 51 additions and 1 deletion.
diff --git a/.github/workflows/docker-nightly.yml b/.github/workflows/docker-nightly.yml
@@ -138,6 +138,46 @@ jobs:
           push: true
           tags: |
             eclipse/ditto-ui:${{ env.IMAGE_TAG }}
+      - 
+        name: Run Trivy vulnerability scanner for ditto-policies
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-policies:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
+      - 
+        name: Run Trivy vulnerability scanner for ditto-things
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-things:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
+      - 
+        name: Run Trivy vulnerability scanner for ditto-gateway
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-gateway:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
+      - 
+        name: Run Trivy vulnerability scanner for ditto-things-search
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-things-search:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
       - 
         name: Run Trivy vulnerability scanner for ditto-connectivity
         uses: aquasecurity/trivy-action@master
@@ -147,4 +187,14 @@ jobs:
           exit-code: '1'
           ignore-unfixed: true
           vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+          severity: 'CRITICAL'
+      - 
+        name: Run Trivy vulnerability scanner for ditto-ui
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-ui:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'