Skip to content

Commit 61e5b74

Browse files
ironhalikironhalik
committed
ops: updated GHA runs-on, trivy
1 parent ce8ef48 commit 61e5b74

File tree

2 files changed

+8
-10
lines changed

2 files changed

+8
-10
lines changed

.github/workflows/main.yml

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ env:
1414
jobs:
1515
build:
1616
name: Build Docker image
17-
runs-on: ubuntu-22.04
17+
runs-on: ubuntu-24.04
1818
permissions:
1919
contents: read
2020
packages: write
@@ -37,7 +37,7 @@ jobs:
3737

3838
test-shellcheck:
3939
name: Run Shellcheck
40-
runs-on: ubuntu-22.04
40+
runs-on: ubuntu-24.04
4141
permissions:
4242
contents: read
4343
steps:
@@ -52,7 +52,7 @@ jobs:
5252
5353
test-trivy:
5454
name: Run Trivy
55-
runs-on: ubuntu-22.04
55+
runs-on: ubuntu-24.04
5656
needs:
5757
- build
5858
permissions:
@@ -64,20 +64,19 @@ jobs:
6464
- name: Pull current image
6565
run: docker pull ${{ env.LOCAL_IMAGE }}
6666
- name: Run Trivy vulnerability scanner
67-
uses: aquasecurity/trivy-action@0.23.0
67+
uses: aquasecurity/trivy-action@0.28.0
6868
with:
6969
image-ref: ${{ env.LOCAL_IMAGE }}
7070
exit-code: "1"
7171
ignore-unfixed: true
72-
vuln-type: "os,library"
7372
severity: "HIGH,CRITICAL"
7473
skip-dirs: /usr/local/bin/
7574
scanners: "vuln"
7675
hide-progress: true
7776

7877
test-bats:
7978
name: Run Bats Tests
80-
runs-on: ubuntu-22.04
79+
runs-on: ubuntu-24.04
8180
needs:
8281
- build
8382
permissions:
@@ -108,7 +107,7 @@ jobs:
108107
- test-shellcheck
109108
- test-trivy
110109
- test-bats
111-
runs-on: ubuntu-22.04
110+
runs-on: ubuntu-24.04
112111
permissions:
113112
contents: read
114113
packages: write

.github/workflows/periodic-scan.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ env:
1212
jobs:
1313
test-trivy:
1414
name: Run Trivy
15-
runs-on: ubuntu-22.04
15+
runs-on: ubuntu-24.04
1616
permissions:
1717
contents: read
1818
packages: read
@@ -22,12 +22,11 @@ jobs:
2222
- name: Pull current image
2323
run: docker pull ${{ env.LOCAL_IMAGE }}
2424
- name: Run Trivy vulnerability scanner
25-
uses: aquasecurity/trivy-action@0.23.0
25+
uses: aquasecurity/trivy-action@0.28.0
2626
with:
2727
image-ref: ${{ env.LOCAL_IMAGE }}
2828
exit-code: "1"
2929
ignore-unfixed: true
30-
vuln-type: "os,library"
3130
severity: "HIGH,CRITICAL"
3231
skip-dirs: /usr/local/bin/
3332
scanners: "vuln"

0 commit comments

Comments
 (0)