Skip to content

Run Trivy scan to web #608

Run Trivy scan to web

Run Trivy scan to web #608

Workflow file for this run

name: Run Trivy scan to web
on:
pull_request:
branches:
- main
paths:
- web/**
push:
branches:
- main
paths:
- web/**
schedule:
- cron: "40 19 * * *"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
defaults:
run:
working-directory: ./web
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: "npm"
cache-dependency-path: ./web/package-lock.json
- run: npm ci --omit=dev
- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@master
with:
scan-type: "fs"
scan-ref: "./web"
trivy-config: trivy.yaml