Skip to content

:dependabot: github-actions(deps): Bump actions/dependency-review-action from 4.3.4 to 4.3.5 #114

:dependabot: github-actions(deps): Bump actions/dependency-review-action from 4.3.4 to 4.3.5

:dependabot: github-actions(deps): Bump actions/dependency-review-action from 4.3.4 to 4.3.5 #114

Workflow file for this run

---
name: 🩻 Scan
on:
pull_request:
branches:
- main
permissions: {}
jobs:
scan:
name: Scan
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
id: checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Build
id: build
shell: bash
env:
IMAGE_NAME: ghcr.io/${{ github.repository }}
IMAGE_TAG: ${{ github.sha }}
run: |
make build
- name: Scan
id: scan
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
with:
image-ref: ghcr.io/${{ github.repository }}:${{ github.sha }}
severity: HIGH,CRITICAL
exit-code: 1