fixup! feat: scanning the entire repository

halestudio · Jun 5, 2024 · d213709 · d213709
1 parent 4c256d7
commit d213709
Showing 1 changed file with 13 additions and 9 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -72,15 +72,19 @@ jobs:
       #    branch: update-vulnerabilities
       #    base: master
 
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/[email protected]
-        with:
-          scan-type: 'fs'
-          target: '/home/runner/work/hale/hale' # specify the target directory or file
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
-          debug: true
+      - name: Run Trivy scan
+        run: |
+          trivy fs --target /home/runner/work/hale/hale --debug --format sarif --output trivy-results.sarif
+
+      #- name: Run Trivy vulnerability scanner
+      #  uses: aquasecurity/[email protected]
+      #  with:
+      #    scan-type: 'fs'
+      #    target: '/home/runner/work/hale/hale' 
+      #    format: 'sarif'
+      #    output: 'trivy-results.sarif'
+      #    severity: 'CRITICAL,HIGH'
+      #    debug: true
 
       - name: Upload Trivy scan results to file
         uses: actions/upload-artifact@v2