fix(ci): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (#78)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.17.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.16.1...0.17.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
radiorabe · Feb 6, 2024 · 929f442 · 929f442
1 parent c16296e
commit 929f442
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/.github/workflows/release-container.yaml b/.github/workflows/release-container.yaml
@@ -124,7 +124,7 @@ jobs:
           DOCKER_CONTENT_TRUST: 1
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: '${{ inputs.image }}:${{ steps.meta.outputs.version }}'
           format: 'json'
@@ -133,7 +133,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -181,7 +181,7 @@ jobs:
           TAGS: ${{ steps.meta.outputs.tags }}
 
       - name: Convert trivy results to CycloneDX
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -197,7 +197,7 @@ jobs:
         if: github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v')
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'

diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
@@ -35,7 +35,7 @@ jobs:
         uses: sigstore/cosign-installer@v3.4.0
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: ${{ inputs.image-ref }}
           timeout: ${{ inputs.timeout }}
@@ -46,7 +46,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -64,7 +64,7 @@ jobs:
           sarif_file: 'trivy.sarif'
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'