Trigger Trivy report for containers

.github/workflows/pr-alpine.yml

@@ -37,8 +37,19 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ${{ env.IMAGE_NAME }}:test-alpine
-          format: "table"
+          format: "sarif"
+          output: "trivy-alpine-image-scan.sarif"
           exit-code: "1"
           ignore-unfixed: true
           vuln-type: "os,library"
-          severity: "HIGH,CRITICAL"
+          severity: "MEDIUM,HIGH,CRITICAL"
+
+      - name: Upload Trivy scan results to GitHub Security
+        uses: github/codeql-action/upload-sarif@v2
+        if: always()
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: trivy-alpine-image-scan.sarif
+          # Optional category for the results
+          # Used to differentiate multiple results for one commit
+          category: alpine-image-scan

.github/workflows/pr-debian.yml

@@ -39,8 +39,19 @@ jobs:
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ${{ env.IMAGE_NAME }}:test-debian
-          format: "table"
+          format: "sarif"
+          output: "trivy-debian-image-scan.sarif"
           exit-code: "1"
           ignore-unfixed: true
           vuln-type: "os,library"
           severity: "MEDIUM,CRITICAL,HIGH"
+
+      - name: Upload Trivy scan results to GitHub Security
+        uses: github/codeql-action/upload-sarif@v2
+        if: always()
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: trivy-debian-image-scan.sarif
+          # Optional category for the results
+          # Used to differentiate multiple results for one commit
+          category: debian-image-scan

requirements.txt

@@ -1,3 +1,3 @@
 selenium==4.15.2
 requests==2.0.0
-deep_translator==1.11.4
+# deep_translator==1.11.4