#12 switch from anchore -> trivy to get appropriate cat levels instea…

…d of ERROR
bryopsida · Mar 12, 2022 · ec9a7d6 · ec9a7d6
1 parent 7252ac7
commit ec9a7d6
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/.github/workflows/anchore-analysis.yml → .github/workflows/trivy-analysis.yml b/.github/workflows/anchore-analysis.yml → .github/workflows/trivy-analysis.yml
@@ -1,5 +1,5 @@
 
-name: Anchore Container Scan
+name: Container Scan
 on:
   push:
     branches: [ main ]
@@ -15,13 +15,14 @@ jobs:
       uses: actions/checkout@v2
     - name: Build the Docker image
       run: docker build . --file Dockerfile --tag localbuild/testimage:latest
-    - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
-      uses: anchore/scan-action@b08527d5ae7f7dc76f9621edb6e49eaf47933ccd
+    - name: Scan image
+      id: scan
+      uses: aquasecurity/trivy-action@master
       with:
-        image: "localbuild/testimage:latest"
-        acs-report-enable: true
-        fail-build: false
-    - name: Upload Anchore Scan Report
+        image-ref: localbuild/testimage:latest
+        format: 'sarif'
+        output: 'scan-results.sarif'
+    - name: Upload Container Scan SARIF report
       uses: github/codeql-action/upload-sarif@v1
       with:
-        sarif_file: results.sarif
+        sarif_file: 'scan-results.sarif'