Skip to content

Commit

Permalink
Fix trivy image scanning
Browse files Browse the repository at this point in the history
  • Loading branch information
berrydenhartog committed May 14, 2024
1 parent 6e89834 commit 437368e
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ jobs:
run: poetry install

- name: Generate SBOM
run: poetry run cyclonedx-py poetry > sbom.json
run: poetry run cyclonedx-py poetry --without test,dev > sbom.json

- name: Generate licenses file
run: |
Expand Down Expand Up @@ -168,6 +168,13 @@ jobs:
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index

- name: print metadata
run: |
echo "tags: ${{ steps.meta.outputs.tags }}"
echo "labels: ${{ steps.meta.outputs.labels }}"
echo "annotations: ${{ steps.meta.outputs.annotations }}"
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
Expand All @@ -182,7 +189,7 @@ jobs:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ steps.meta.outputs.tags[0] }}
image-ref: ${{ steps.meta.outputs.tags }}
trivy-config: trivy.yaml
scan-type: image
exit-code: 0
Expand Down

0 comments on commit 437368e

Please sign in to comment.