Replace Snyk scan with Trivy

claabs · Apr 26, 2024 · ceb55fd · ceb55fd
1 parent 4c888bf
commit ceb55fd
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 57 deletions.
diff --git a/.github/workflows/container-scan.yml b/.github/workflows/container-scan.yml
@@ -0,0 +1,27 @@
+name: Container Scan
+
+on:
+  schedule:
+    - cron: "30 17 * * 4"
+  workflow_dispatch:
+
+jobs:
+  trivy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Scan Alpine image
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ghcr.io/claabs/epicgames-freegames-node:latest
+          format: sarif
+          output: sarif-results/alpine.sarif
+      - name: Scan Debian image
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ghcr.io/claabs/epicgames-freegames-node:debian
+          format: sarif
+          output: sarif-results/debian.sarif
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: sarif-results
diff --git a/.github/workflows/snyk-container-analysis.yml b/.github/workflows/snyk-container-analysis.yml