Skip to content

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#3297) #9

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#3297)

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#3297) #9

Workflow file for this run

name: Trivy
on:
push:
branches:
- "main"
schedule:
- cron: '55 17 * * 5'
permissions:
contents: read
jobs:
image-scan:
permissions:
contents: read # for actions/checkout to fetch code
name: Image Scan
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- name: Build an image from Dockerfile
run: |
IMAGE=envoy-proxy/gateway-dev TAG=${{ github.sha }} make image
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # v0.19.0
with:
image-ref: envoy-proxy/gateway-dev:${{ github.sha }}
exit-code: '1'