From 5a95c69c1d8665f161af989673a9fa56d612fb8d Mon Sep 17 00:00:00 2001
From: Gonzalo Diaz
Date: Thu, 26 Sep 2024 11:54:18 -0300
Subject: [PATCH] [CONFIG] [Github Actions] Docker flow, ACTIONS_RUNTIME_TOKEN env added.

https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2371607148
---
 .github/workflows/docker-image.yml | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index f58961b..596b295 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -1,5 +1,4 @@
 ---
-
 name: Docker Image CI

 on: # yamllint disable-line rule:truthy
@@ -15,7 +14,6 @@ env:
 ARTIFACT_NAME: algorithm-exercises-csharp_${{ github.sha }}

 jobs:
-
 build:
 name: "Build Docker images"
 runs-on: ubuntu-latest
@@ -157,7 +155,7 @@ jobs:
 - name: Upload result to GitHub Code Scanning
 uses: github/codeql-action/upload-sarif@v3
 with:
- sarif_file: 'snyk.sarif'
+ sarif_file: "snyk.sarif"
 scan:
 name: "Trivy (sarif)"
 runs-on: ubuntu-latest
@@ -182,13 +180,15 @@ jobs:
 uses: aquasecurity/trivy-action@0.24.0
 with:
 image-ref: ${{ env.IMAGE_NAME }}:${{ github.sha }}
- format: 'sarif'
- output: 'trivy-results.sarif'
+ format: "sarif"
+ output: "trivy-results.sarif"

 - name: Upload Trivy scan results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@v3
 with:
- sarif_file: 'trivy-results.sarif'
+ sarif_file: "trivy-results.sarif"
+ env:
+ ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }}

 report:
 name: "Trivy (report)"
@@ -210,4 +210,6 @@ jobs:
 uses: aquasecurity/trivy-action@0.24.0
 with:
 image-ref: ${{ env.IMAGE_NAME }}:${{ github.sha }}
- format: 'table'
+ format: "table"
+ env:
+ ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }}
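Review bot: In the `@@ -182,13 +180,15 @@` hunk the added `env:` block follows the `with:` of the "Upload Trivy scan results to GitHub Security tab" step (`github/codeql-action/upload-sarif@v3`), not the `aquasecurity/trivy-action@0.24.0` step above it, so on the visible lines the variable ends up on the upload step, while the last hunk attaches it to the Trivy step itself. Indentation is not recoverable from this page, so confirm the nesting; if the Trivy step is the intended target, move the two lines under it so the token is not handed to a step that has no use for it. `ACTIONS_RUNTIME_TOKEN` is normally injected by the runner and is a different credential from `GITHUB_TOKEN`, so a comment such as `# workaround for aquasecurity/trivy-action#389; remove once the action is upgraded` would record why it is overridden here.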
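Review bot: In the `@@ -210,4 +210,6 @@` hunk the added `ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }}` hands the job's token to `aquasecurity/trivy-action@0.24.0`, which is referenced by a mutable tag; pinning it to a full commit SHA (`uses: aquasecurity/trivy-action@<full-commit-sha> # 0.24.0`) keeps a retagged release from receiving the token. No `permissions:` block is visible in these hunks, so check that the `scan` and `report` jobs restrict the token to what they need, for example `contents: read`, plus `security-events: write` only where SARIF is uploaded. The same applies to the Trivy step in the `@@ -182,13 +180,15 @@` hunk.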