diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index e4fe94b4a17..d8a47fa789a 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -42,7 +42,7 @@ "version": "v3.20.3" }, "ghcr.io/dhoeric/features/trivy:1.0.0": { - "version": "0.49.1" + "version": "0.52.1" } }, "customizations": { @@ -62,7 +62,8 @@ "eamodio.gitlens", "streetsidesoftware.code-spell-checker", "github.vscode-pull-request-github", - "codeandstuff.package-json-upgrade" + "codeandstuff.package-json-upgrade", + "AquaSecurityOfficial.trivy-vulnerability-scanner" ] } }, diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ff13c337692..613fd3e102c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1691,7 +1691,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build . -f ./packages/cactus-plugin-ledger-connector-quorum/Dockerfile -t plugin-ledger-connector-quorum - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for plugin-ledger-connector-quorum - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'plugin-ledger-connector-quorum' format: 'table' @@ -2173,7 +2173,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build . -f ./packages/cactus-cmd-api-server/Dockerfile -t cactus-cmd-api-server - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for cactus-cmd-api-server - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'cactus-cmd-api-server' format: 'table' @@ -2192,7 +2192,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-ledger-connector-besu/ -f ./packages/cactus-plugin-ledger-connector-besu/Dockerfile -t cactus-connector-besu - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for cactus-connector-besu - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'cactus-connector-besu' format: 'table' @@ -2212,7 +2212,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-ledger-connector-corda/src/main-server/ -f ./packages/cactus-plugin-ledger-connector-corda/src/main-server/Dockerfile -t cactus-connector-corda-server - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for cactus-connector-corda-server - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'cactus-connector-corda-server' format: 'table' @@ -2232,7 +2232,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-ledger-connector-fabric/ -f ./packages/cactus-plugin-ledger-connector-fabric/Dockerfile -t cactus-connector-fabric - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for cactus-connector-fabric - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'cactus-connector-fabric' format: 'table' @@ -2312,7 +2312,7 @@ jobs: run: DOCKER_BUILDKIT=1 docker build ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/ -f ./packages/cactus-plugin-keychain-vault/src/cactus-keychain-vault-server/Dockerfile -t cactus-keychain-vault-server - if: ${{ env.RUN_TRIVY_SCAN == 'true' }} name: Run Trivy vulnerability scan for cactus-keychain-vault-server - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.52.1 with: image-ref: 'cactus-keychain-vault-server' format: 'table' diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 86f6098895b..6c66f1bb57c 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -14,6 +14,7 @@ "eamodio.gitlens", "streetsidesoftware.code-spell-checker", "github.vscode-pull-request-github", - "codeandstuff.package-json-upgrade" + "codeandstuff.package-json-upgrade", + "AquaSecurityOfficial.trivy-vulnerability-scanner" ] }