Create trivy.yml

wmo-im · Jun 27, 2024 · 0ce0741 · 0ce0741
1 parent 51079e6
commit 0ce0741
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -0,0 +1,23 @@
+name: Run Trivy vulnerability scanner
+
+on: [ push ]
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Build wis2box-ui
+        run: |
+          docker build -t wis2box-ui:test .
+      - name: Run Trivy vulnerability scanner on wis2box-ui
+        if: always()
+        uses: aquasecurity/trivy-action@0.20.0
+        with:
+          image-ref: 'wis2box-ui:test'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'