Skip to content

Commit

Permalink
Merge branch 'main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@vishal-chdhry
vishal-chdhry authored Oct 7, 2024
2 parents f74d41b + 75ae7a9 commit c7d9288
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 4 deletions.
8 changes: 6 additions & 2 deletions .github/workflows/codeql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
with:
fetch-depth: 0
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
with:
scan-type: fs
ignore-unfixed: false
Expand All @@ -37,8 +37,12 @@ jobs:
scanners: vuln,secret
exit-code: '0'
vuln-type: os,library
env:
# Trivy is returning TOOMANYREQUESTS
# See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577
TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7
with:
sarif_file: trivy-results.sarif
category: code
category: code
2 changes: 1 addition & 1 deletion .github/workflows/conformance-tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ jobs:
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install Chainsaw
uses: kyverno/action-install-chainsaw@d1a61148c0437a66760d11d8575332305c2234cb # v0.2.10
uses: kyverno/action-install-chainsaw@d311eacde764f806c9658574ff64c9c3b21f8397 # v0.2.11
- name: Test with Chainsaw
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/migration-tests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ jobs:
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install Chainsaw
uses: kyverno/action-install-chainsaw@d1a61148c0437a66760d11d8575332305c2234cb # v0.2.10
uses: kyverno/action-install-chainsaw@d311eacde764f806c9658574ff64c9c3b21f8397 # v0.2.11
- name: Test with Chainsaw
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down

0 comments on commit c7d9288

Please sign in to comment.