From 10fd4a5ab83d20f46ce03161a3d91fde6fb1aa20 Mon Sep 17 00:00:00 2001
From: Andrew Newton <andy.newton@dvsa.gov.uk>
Date: Thu, 24 Oct 2024 10:33:35 +0100
Subject: [PATCH] chore: specify trivy version to avoid issues seen with 0.5x
 (#403)

---
 .github/workflows/docker.yaml             | 1 +
 .github/workflows/security-docker.yaml    | 1 +
 .github/workflows/security-terraform.yaml | 1 +
 3 files changed, 3 insertions(+)

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 07f4034797..6c12f8f80d 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -96,6 +96,7 @@ jobs:
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           skip-dirs: /var/clamav
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
 
diff --git a/.github/workflows/security-docker.yaml b/.github/workflows/security-docker.yaml
index f495c2f72b..cfbc81664c 100644
--- a/.github/workflows/security-docker.yaml
+++ b/.github/workflows/security-docker.yaml
@@ -22,6 +22,7 @@ jobs:
           output: "trivy-results.sarif"
           severity: "MEDIUM,HIGH,CRITICAL"
           limit-severities-for-sarif: true
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
       - name: Upload Results to GitHub Code Scanning
diff --git a/.github/workflows/security-terraform.yaml b/.github/workflows/security-terraform.yaml
index 90641850fc..d6efe08ddb 100644
--- a/.github/workflows/security-terraform.yaml
+++ b/.github/workflows/security-terraform.yaml
@@ -22,6 +22,7 @@ jobs:
           output: "trivy-results.sarif"
           severity: "CRITICAL"
           limit-severities-for-sarif: true
+          version: "v0.54.1"
         env:
           TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
       - name: Upload Results to GitHub Code Scanning