ci: upgrade workflow actions version

gisaia · Dec 12, 2024 · 1fedeca · 1fedeca
1 parent d608424
commit 1fedeca
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
@@ -6,16 +6,16 @@ jobs:
   integration-tests:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4.1.4
     - name: Cache Maven # From https://github.com/actions/cache/blob/main/examples.md
-      uses: actions/cache@v2
+      uses: actions/cache@v4.0.2
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
         restore-keys: |
           ${{ runner.os }}-maven-
     - name: Set up JDK 17
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v4
       with:
         java-version: '17'
         distribution: 'adopt'

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -8,14 +8,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4.1.4
 
     - name: Build an image from Dockerfile
       run: |
         docker build -f docker/docker-files/Dockerfile -t docker.io/gisaia/arlas-tagger:${{ github.sha }} .
 
     - name: Run Trivy vulnerability scanner
       uses: aquasecurity/trivy-action@master
+      env:
+        TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
+        TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
       with:
         image-ref: 'docker.io/gisaia/arlas-tagger:${{ github.sha }}'
         format: 'table'