Merge pull request #122 from gisaia/ci/actionsVersion #132

	name: Run Trivy

	on: push

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/[email protected]

	- name: Build an image from Dockerfile
	run: \|
	docker build -f docker/docker-files/Dockerfile -t docker.io/gisaia/arlas-tagger:${{ github.sha }} .

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	env:
	TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
	TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
	with:
	image-ref: 'docker.io/gisaia/arlas-tagger:${{ github.sha }}'
	format: 'table'
	exit-code: '1'
	ignore-unfixed: false
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'
	trivyignores: .github/workflows/.trivyignore

Provide feedback