Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
search

GitHub Action

Trivy Action

v0.0.1 Pre-release

Trivy Action

search

Trivy Action

Scan docker image vulnerability using Trivy and create GitHub Issue

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Trivy Action

uses: lazy-actions/[email protected]

Learn more about this action in lazy-actions/gitrivy

Choose a version

Gitrivy

GitHub release (latest by date) GitHub

This is a GitHub Actions to scan vulnerability using Trivy.
If vulnerabilities are found by Trivy, it creates the following GitHub Issue.

image

Usage

Inputs

Parameter Required Default Description
token True N/A GitHub access token
${{ secrets.GITHUB_TOKEN }} is recommended
trivy_version False latest Trivy version
image True N/A The target image name to scan the vulnerability
Specify this parameter or IMAGE_NAME environment variable
severity False HIGH,CRITICAL Sevirities of vulunerabilities (separeted by commma)
vuln_type False os,library Scan target are os and / or library (separeted by commma)
ignore_unfixed False false Ignore unfixed vulnerabilities
Specify true or false
issue_title False Security Alert Issue title
issue_label False trivy,vulnerability Issue label (separeted by commma)
issue_assignee False N/A Issue assignee (separeted by commma)

Outputs

Parameter Description
html_url The URL to view the issue
issue_number The created issue number

Example Workflow

Detect your docker image vulnerability everyday at 9:00 (UTC).

name: Vulnerability Scan

on:
  schedule:
    - cron: '0 9 * * *'

jobs:
  scan:
    name: Daily Vulnerability Scan
    runs-on: ubuntu-18.04
    steps:
      - name: Pull docker image
        run: docker pull sample

      - uses: homoluctus/[email protected]
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          image: sample