Enable trivy scan step

ballerina-platform · Oct 10, 2023 · d05724f · d05724f
1 parent d5a639c
commit d05724f
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
@@ -28,15 +28,14 @@ jobs:
  ./gradlew build -x check -x test
  - name: Create lib directory if not exists
  run: mkdir -p ballerina/lib
-# Disabling Trivy scan for now for an urgent release as it is failing due to a vulnerability in Netty which is not fixed yet.
-# - name: Run Trivy vulnerability scanner
-# uses: aquasecurity/trivy-action@master
-# with:
-# scan-type: 'rootfs'
-# scan-ref: '/github/workspace/ballerina/lib'
-# format: 'table'
-# timeout: '10m0s'
-# exit-code: '1'
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@master
+ with:
+ scan-type: 'rootfs'
+ scan-ref: '/github/workspace/ballerina/lib'
+ format: 'table'
+ timeout: '10m0s'
+ exit-code: '1'
  - name: Set version env variable
  run: echo "VERSION=$((grep -w 'version' | cut -d= -f2) < gradle.properties | rev | cut --complement -d- -f1 | rev)" >> $GITHUB_ENV
  - name: Pre release dependency version update