keycloak-scim/.github/workflows/trivy-analysis.yml
dependabot[bot] cb4cd279ab
Bump aquasecurity/trivy-action to 0.2.3 (#11274)
Resolves #11308

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:55:56 -03:00


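# Scheduled container-image vulnerability scan.
# Each job runs Trivy against one published Keycloak image, renders the
# findings as SARIF, and uploads them to GitHub code scanning (Security tab).
name: Trivy

on:
  # Manual runs from the Actions tab.
  workflow_dispatch:
  # Daily at 06:00 (GitHub evaluates cron schedules in UTC).
  schedule:
    - cron: '0 6 * * *'

# Least privilege for GITHUB_TOKEN: any scope not listed here is set to none.
# The images are pulled from quay.io by reference, so no repository write
# access is needed; only the SARIF upload needs a write scope.
permissions:
  contents: read
  # Read access to the workflow run; upload-sarif needs it in private repos.
  actions: read
  # Required by github/codeql-action/upload-sarif.
  security-events: write

jobs:
  quarkus-dist:
    name: Vulnerability scanner for Quarkus distribution images
    # NOTE(review): GitHub has since retired the ubuntu-18.04 hosted image;
    # confirm the runner label still resolves where this workflow runs.
    runs-on: 'ubuntu-18.04'
    steps:
      - name: Run Trivy vulnerability scanner
        # Third-party action pinned to a full commit SHA, so a moved or
        # re-pointed tag cannot change the code that runs here.
        uses: aquasecurity/trivy-action@40c4ca9e7421287d0c5576712fdff370978f9c3c
        with:
          # Mutable tag: every run scans whatever was published most recently.
          image-ref: 'quay.io/keycloak/keycloak:nightly'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results.sarif'
          # LOW and UNKNOWN severities are not reported.
          severity: 'MEDIUM,CRITICAL,HIGH'
          # Findings without a fixed version are dropped from the report, so
          # the Security tab does not show unpatched-upstream vulnerabilities.
          ignore-unfixed: true
      - name: Upload Trivy scan results to GitHub Security tab
        # NOTE(review): pinned by tag, unlike trivy-action above. This step
        # runs with security-events: write; pin it to the full commit SHA of
        # v2.1.8 (<commit-sha-of-v2.1.8>) for the same tamper resistance.
        uses: github/codeql-action/upload-sarif@v2.1.8
        with:
          sarif_file: 'trivy-results.sarif'

  legacy-dist:
    name: Vulnerability scanner for WildFly distribution images
    runs-on: 'ubuntu-18.04'
    steps:
      - name: Run Trivy vulnerability scanner
        # Same SHA pin as the other jobs; bump all three together.
        uses: aquasecurity/trivy-action@40c4ca9e7421287d0c5576712fdff370978f9c3c
        with:
          image-ref: 'quay.io/keycloak/keycloak:legacy'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'legacy-results.sarif'
          severity: 'MEDIUM,CRITICAL,HIGH'
          # Unfixed findings are omitted here as well.
          ignore-unfixed: true
      - name: Upload Trivy scan results to GitHub Security tab
        # NOTE(review): tag pin; prefer a full commit SHA.
        uses: github/codeql-action/upload-sarif@v2.1.8
        with:
          sarif_file: 'legacy-results.sarif'

  keycloak-operator:
    name: Vulnerability scanner for Keycloak Operator distribution images
    runs-on: 'ubuntu-18.04'
    steps:
      - name: Run Trivy vulnerability scanner
        # Same SHA pin as the other jobs; bump all three together.
        uses: aquasecurity/trivy-action@40c4ca9e7421287d0c5576712fdff370978f9c3c
        with:
          image-ref: 'quay.io/keycloak/keycloak-operator:nightly'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'operator-results.sarif'
          severity: 'MEDIUM,CRITICAL,HIGH'
          # Unfixed findings are omitted here as well.
          ignore-unfixed: true
      - name: Upload Trivy scan results to GitHub Security tab
        # NOTE(review): tag pin; prefer a full commit SHA.
        uses: github/codeql-action/upload-sarif@v2.1.8
        with:
          sarif_file: 'operator-results.sarif'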