Skip to content

dsp-appsec-trivy

dsp-appsec-trivy #60

Workflow file for this run

name: dsp-appsec-trivy
on:
pull_request:
schedule:
- cron: '23 1 * * 0'
jobs:
appsec-trivy:
# Parse Dockerfile and build, scan image if a "blessed" base image is not used
name: DSP AppSec Trivy check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Run Trivy scan
uses: broadinstitute/dsp-appsec-trivy-action@v1
- name: Notify in Slack
if: failure()
uses: broadinstitute/[email protected]
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
status: ${{ job.status }}
channel: "trivy-weekly-scans-notblessedimages"
username: "Agora Trivy scan"
icon_emoji: ':alert_red_light:'
text: 'Agora Trivy scan failure. <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|Click here> to see the run.'