Skip to content

feat(capsule): release security and workflow updates #4

feat(capsule): release security and workflow updates

feat(capsule): release security and workflow updates #4

Workflow file for this run

name: Build images
permissions: {}
on:
push:
branches:
- '*'
pull_request:
branches: [ "master", "main" ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build-images:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
continue-on-error: true
with:
build-cache-key: build-images
- name: ko build
run: VERSION=${{ github.ref_name }} REPOSITORY=${GITHUB_REPOSITORY} make ko-build-all
- name: Trivy Scan Image
uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # v0.12.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'