From b0447b4e7225621be8cb499a40caa3b42e2b4894 Mon Sep 17 00:00:00 2001
From: Volodymyr Kolesnykov <volodymyr@wildwolf.name>
Date: Mon, 30 Sep 2024 16:06:59 +0300
Subject: [PATCH] fix: pass `ACTIONS_RUNTIME_TOKEN` to Trivy

---
 .github/actions/build-docker-image/action.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/actions/build-docker-image/action.yml b/.github/actions/build-docker-image/action.yml
index 1a0abf30..bbb81fac 100644
--- a/.github/actions/build-docker-image/action.yml
+++ b/.github/actions/build-docker-image/action.yml
@@ -45,6 +45,10 @@ inputs:
     description: The password to use for the registry
     required: false
     default: ${{ github.token }}
+  auth_token:
+    description: The token to authenticate with GitHub
+    required: false
+    default: ${{ github.token }}
 runs:
   using: composite
   steps:
@@ -131,6 +135,8 @@ runs:
       uses: docker://aquasec/trivy:0.55.2
       with:
         args: image --format json --ignore-unfixed --vuln-type os ${{ inputs.primaryTag }} --output trivy.json
+      env:
+        ACTIONS_RUNTIME_TOKEN: ${{ inputs.auth_token }}
 
     - name: Print report
       uses: docker://aquasec/trivy:0.55.2