github: add trivy license scanning

marquiz · Aug 17, 2023 · 7dcd31a · 7dcd31a
1 parent a05525e
commit 7dcd31a
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/.github/workflows/common-trivy.yaml b/.github/workflows/common-trivy.yaml
@@ -12,7 +12,22 @@ on:
         type: boolean
 
 jobs:
-  trivy-scan-code:
+  trivy-scan-licenses:
+    runs-on: ubuntu-22.04
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Run Trivy in fs mode
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: fs
+        scan-ref: .
+        exit-code: 1
+        scanners: license
+        severity: "UNKNOWN,MEDIUM,HIGH,CRITICAL"
+
+  trivy-scan-vulns:
     runs-on: ubuntu-22.04
     steps:
     - name: Checkout