From 7a3e179ad78fd9356c47e8c90a38c9e250b72303 Mon Sep 17 00:00:00 2001 From: Tomasz Gromadzki Date: Tue, 24 Sep 2024 08:03:48 +0200 Subject: [PATCH 1/3] Limit scope of changes affected by Trivy scan Required-githooks: true Signed-off-by: Tomasz Gromadzki --- .github/workflows/trivy.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index a9eec6447fd..36e81275128 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -3,6 +3,11 @@ name: Trivy scan on: pull_request: branches: ["master", "release/**"] + path: + - '**/go.mod' + - '**/pom.xml' + - '**/requirements.txt' + - '**/*trivy*' # Declare default permissions as nothing. permissions: {} From ac8eb3e7af0a170cd4906ac9d48a95e2e06802fd Mon Sep 17 00:00:00 2001 From: Tomasz Gromadzki Date: Tue, 24 Sep 2024 08:00:49 +0200 Subject: [PATCH 2/3] Fix: remove unsupported option Required-githooks: true Signed-off-by: Tomasz Gromadzki --- utils/trivy/trivy.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/utils/trivy/trivy.yaml b/utils/trivy/trivy.yaml index 293f7b1ba9f..2d3119efd37 100644 --- a/utils/trivy/trivy.yaml +++ b/utils/trivy/trivy.yaml @@ -1,6 +1,5 @@ cache: - backend: fs - clear: false + backend: memory dir: redis: ca: "" From 987355004a97b8fa40e605c601bf68a80ce39f6f Mon Sep 17 00:00:00 2001 From: Tomasz Gromadzki Date: Tue, 24 Sep 2024 08:21:52 +0200 Subject: [PATCH 3/3] fix typo Required-githooks: true Signed-off-by: Tomasz Gromadzki --- .github/workflows/trivy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 36e81275128..ac919bf4716 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -3,7 +3,7 @@ name: Trivy scan on: pull_request: branches: ["master", "release/**"] - path: + paths: - '**/go.mod' - '**/pom.xml' - '**/requirements.txt'