diff --git a/.github/workflows/workflow.build.yaml b/.github/workflows/workflow.build.yaml index cfa794566..1018e53f4 100644 --- a/.github/workflows/workflow.build.yaml +++ b/.github/workflows/workflow.build.yaml @@ -76,11 +76,11 @@ jobs: - uses: "actions/checkout@v3" - run: "docker pull ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}" - name: Run Trivy vulnerability scanner - uses: "aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b" + uses: "aquasecurity/trivy-action@807896715e16054f9ae275ea68a15ee3908f0124" with: image-ref: "ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}" - name: Export Trivy Results as sarif - uses: "aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b" + uses: "aquasecurity/trivy-action@807896715e16054f9ae275ea68a15ee3908f0124" with: format: template image-ref: "ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}"