ci: add container vulnerability scan through trivy for Gateway pipeline
alessioerosferri committed Jul 6, 2023
1 parent 1870743 commit 2c64552
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions .github/workflows/gateway.yml
Expand Up @@ -45,3 +45,12 @@ jobs:
--build-arg TARGETARCH=amd64
env:
DOCKER_BUILDKIT: 1
- name: Run Trivy container vulnerability scan
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{env.SERVICE}}:${GITHUB_SHA}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
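
Review bot: `uses: aquasecurity/trivy-action@master` tracks a mutable branch, so any change pushed to that branch runs in this workflow without review; pin the action to a release tag or, better, a full commit SHA. Separately, `image-ref: '${{env.SERVICE}}:${GITHUB_SHA}'` mixes an Actions expression with shell syntax: Actions only evaluates `${{ ... }}` inside `with:`, so `${GITHUB_SHA}` reaches the action as a literal string unless the action expands it itself. Using `${{ github.sha }}`, matching whatever tag the build step applies, removes that doubt. Also note that `ignore-unfixed: true` combined with `exit-code: '1'` means CRITICAL and HIGH findings with no available fix will not fail the pipeline; if that is intended, say so in the commit message.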
