Trufflehog, iamge security scan

spryker · Oct 16, 2024 · 03f2711 · 03f2711
1 parent 4e1530b
commit 03f2711
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
@@ -79,6 +79,11 @@ jobs:
         run: |
           docker build --platform ${{ matrix.platforms }} -t spryker/php:${{ matrix.tags }} -f ${{ matrix.context }}/${{ matrix.dockerfile }} .
 
+      - name: Scan Docker image with Trufflehog
+        continue-on-error: false
+        run: |
+          docker run --rm trufflesecurity/trufflehog:latest docker --image spryker/php:${{ matrix.tags }} --only-verified
+
       - name: Scan Docker image with Trivy
         uses: aquasecurity/[email protected]
         with:
@@ -87,11 +92,6 @@ jobs:
           severity: 'LOW,MEDIUM,HIGH,CRITICAL'
           ignore-unfixed: true
 
-      - name: Scan Docker image with Trufflehog
-        continue-on-error: false
-        run: |
-          docker run --rm trufflesecurity/trufflehog:latest docker --image spryker/php:${{ matrix.tags }} --only-verified
-
       - name: Show scan result
         run: |
           echo "Trivy scan completed for spryker/php:${{ matrix.tags }}"