Update reusable-docker-arm-build.yaml

Signed-off-by: Itxaka <[email protected]>
kairos-io · Jan 16, 2025 · 3354dd4 · 3354dd4
1 parent 3ebb2b8
commit 3354dd4
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/.github/workflows/reusable-docker-arm-build.yaml b/.github/workflows/reusable-docker-arm-build.yaml
@@ -116,6 +116,7 @@ jobs:
           image: ${{ env.IMAGE_REF }}
           output-format: sarif
           output-file: grype.sarif
+          severity-cutoff: critical
           add-cpes-if-none: true
       - name: Trivy
         if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')) }}
@@ -124,6 +125,8 @@ jobs:
           image-ref: ${{ env.IMAGE_REF }}
           format: sarif
           output: trivy.sarif
+          severity: CRITICAL
+          limit-severities-for-sarif: true
       - name: Push the docker image
         if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/v')) }}
         uses: docker/build-push-action@v6