Skip to content

Commit

Permalink
Temporarily disable triby checks because of TOOMANYREQUESTS errors.
Browse files Browse the repository at this point in the history
  • Loading branch information
giorgi1324 committed Nov 14, 2024
1 parent 668589c commit e4f2b1a
Showing 1 changed file with 33 additions and 33 deletions.
66 changes: 33 additions & 33 deletions .github/workflows/base_image_workflow.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -104,39 +104,39 @@ jobs:
image: localhost:5000/dockle-examine-image:test
dockle-ignores: CIS-DI-0005 # Ignore `Enable Content trust for Docker`

- name: Run Trivy vulnerability scanner - human readable output
uses: aquasecurity/trivy-action@master
with:
image-ref: localhost:5000/dockle-examine-image:test
scan-type: 'image'
format: 'table'
exit-code: '0'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
scanners: 'vuln,secret,config'
env:
TRIVY_NON_SSL: true

- name: Run Trivy vulnerability scanner (sarif report)
uses: aquasecurity/trivy-action@master
with:
image-ref: localhost:5000/dockle-examine-image:test
scan-type: 'image'
format: 'sarif'
exit-code: '0'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
scanners: 'vuln,secret,config'
output: 'trivy-results-os.sarif'
env:
TRIVY_NON_SSL: true

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results-os.sarif'
# - name: Run Trivy vulnerability scanner - human readable output
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: localhost:5000/dockle-examine-image:test
# scan-type: 'image'
# format: 'table'
# exit-code: '0'
# ignore-unfixed: true
# vuln-type: 'os,library'
# severity: 'CRITICAL,HIGH'
# scanners: 'vuln,secret,config'
# env:
# TRIVY_NON_SSL: true

# - name: Run Trivy vulnerability scanner (sarif report)
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: localhost:5000/dockle-examine-image:test
# scan-type: 'image'
# format: 'sarif'
# exit-code: '0'
# ignore-unfixed: true
# vuln-type: 'os,library'
# severity: 'CRITICAL,HIGH'
# scanners: 'vuln,secret,config'
# output: 'trivy-results-os.sarif'
# env:
# TRIVY_NON_SSL: true

# - name: Upload Trivy scan results to GitHub Security tab
# uses: github/codeql-action/upload-sarif@v3
# with:
# sarif_file: 'trivy-results-os.sarif'

- name: Push Service Image to repo
# if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
Expand Down

0 comments on commit e4f2b1a

Please sign in to comment.