fail on high

susanshi · May 31, 2024 · d7990c7 · d7990c7
1 parent 314d46e
commit d7990c7
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/scan-vulns.yaml b/.github/workflows/scan-vulns.yaml
@@ -66,8 +66,8 @@ jobs:
           for img in "localbuild:test" "localbuildcrd:test"; do
               trivy image --ignore-unfixed --vuln-type="os,library" "${img}"
           done
-      - name: Run trivy on images and exit on CRITICAL severity
+      - name: Run trivy on images and exit on HIGH severity
         run: |
           for img in "localbuild:test" "localbuildcrd:test"; do
-              trivy image --ignore-unfixed --exit-code 1 --severity CRITICAL --vuln-type="os,library" "${img}"
+              trivy image --ignore-unfixed --exit-code 1 --severity HIGH --vuln-type="os,library" "${img}"
           done