From 437368e5c13b73dfe6f891b47fb46b17afbbbcb4 Mon Sep 17 00:00:00 2001 From: Berry den Hartog <38954346+berrydenhartog@users.noreply.github.com> Date: Tue, 14 May 2024 11:16:38 +0000 Subject: [PATCH] Fix trivy image scanning --- .github/workflows/ci.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index da01aaa0..b4441d47 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -61,7 +61,7 @@ jobs: run: poetry install - name: Generate SBOM - run: poetry run cyclonedx-py poetry > sbom.json + run: poetry run cyclonedx-py poetry --without test,dev > sbom.json - name: Generate licenses file run: | @@ -168,6 +168,13 @@ jobs: env: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index + - name: print metadata + run: | + echo "tags: ${{ steps.meta.outputs.tags }}" + echo "labels: ${{ steps.meta.outputs.labels }}" + echo "annotations: ${{ steps.meta.outputs.annotations }}" + + - name: Build and push Docker image uses: docker/build-push-action@v5 with: @@ -182,7 +189,7 @@ jobs: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: - image-ref: ${{ steps.meta.outputs.tags[0] }} + image-ref: ${{ steps.meta.outputs.tags }} trivy-config: trivy.yaml scan-type: image exit-code: 0