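# Source: github.com/dgraph-io/ristretto@v0.1.2-0.20240116140435-c67e07994f91
# File:   .github/workflows/ci-aqua-security-trivy-tests.yml
#
# Runs a Trivy filesystem scan of the repository and uploads the SARIF report
# to GitHub code scanning. Triggers: pushes to main, pull requests targeting
# main, and a daily schedule at 00:00 UTC.
---
name: ci-aqua-security-trivy-tests

on:
  push:
    branches:
      - main
  pull_request:
    types:
      - opened
      - reopened
      - synchronize
      - ready_for_review
    branches:
      - main
  schedule:
    - cron: "0 0 * * *"

# Least privilege for GITHUB_TOKEN: without this block the job inherits the
# repository/organisation default, which may be read-write on every scope.
# Checkout only needs to read the repository; upload-sarif needs to write
# code-scanning results.
permissions:
  contents: read
  security-events: write

jobs:
  build:
    name: trivy-tests
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # NOTE(review): `@master` is a mutable branch ref, so whatever is pushed
      # to that branch upstream runs here with this job's token. Pin to a
      # reviewed full commit SHA instead, e.g.
      #   uses: aquasecurity/trivy-action@<full-commit-sha>  # <release tag>
      # The tag refs used by the other steps (v4, v2) are movable as well; the
      # same pinning applies to them.
      #
      # No `exit-code` or `severity` input is set, so findings are reported in
      # the SARIF file but do not fail the job; this workflow is report-only.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'

      # NOTE(review): on pull requests opened from forks GITHUB_TOKEN is
      # read-only regardless of the permissions block above, so this upload is
      # expected to fail for those runs; confirm how the project wants fork
      # PRs handled.
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results.sarif'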