Skip to content

Vulnerability scan #478

Vulnerability scan

Vulnerability scan #478

Workflow file for this run

name: Vulnerability scan
on:
push:
branches:
- main
pull_request:
branches:
- '**'
schedule:
- cron: '30 13 * * 3'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
vuln-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: make build
- uses: aquasecurity/trivy-action@master
with:
image-ref: mirego/killswitch:${{ github.sha }}
ignore-unfixed: true
format: sarif
output: vuln-scan-results.sarif
vuln-type: os,library
- uses: github/codeql-action/upload-sarif@v2
if: ${{ github.actor != 'dependabot[bot]' }}
with:
sarif_file: vuln-scan-results.sarif