chore: specify trivy version to avoid issues seen with 0.5x (#403)

dvsa · Oct 24, 2024 · 10fd4a5 · 10fd4a5
1 parent 65b2dec
commit 10fd4a5
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 0 deletions.
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
@@ -96,6 +96,7 @@ jobs:
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           skip-dirs: /var/clamav
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
 

diff --git a/.github/workflows/security-docker.yaml b/.github/workflows/security-docker.yaml
@@ -22,6 +22,7 @@ jobs:
           output: "trivy-results.sarif"
           severity: "MEDIUM,HIGH,CRITICAL"
           limit-severities-for-sarif: true
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
       - name: Upload Results to GitHub Code Scanning

diff --git a/.github/workflows/security-terraform.yaml b/.github/workflows/security-terraform.yaml
@@ -22,6 +22,7 @@ jobs:
           output: "trivy-results.sarif"
           severity: "CRITICAL"
           limit-severities-for-sarif: true
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
       - name: Upload Results to GitHub Code Scanning