Comment out the trivy ignore file

.github/workflows/ci.yml

@@ -120,16 +120,6 @@ jobs:
             docker push $NEW_TAG
           done
 
-#      - name: Build for diff and push
-#        id: docker_build
-#        uses: docker/build-push-action@v2
-#        with:
-#          push: false
-#          load: true
-#          file: ${{ matrix.image }}
-#          tags: ${{ join(matrix.tags) }}
-#          platforms: "linux/amd64"
-
       - name: Build and push
         id: docker_build
         uses: docker/build-push-action@v2

.github/workflows/security.yml

@@ -1,10 +1,10 @@
-name: Vulnerability detection
+name: ECR vulnerability detection
 
 on:
   schedule:
     - cron: '0 9 * * *'
   push:
-    branches-ignore:
+    branches:
       - master
 
 jobs:
@@ -119,7 +119,7 @@ jobs:
               "text": "Scanned image tag *${{ matrix.tags }}*.",
               "attachments": [
                 {
-                  "pretext": "Vulnerability scan outputs for ${{ steps.set-date.outputs.current_datetime }}",
+                  "pretext": "ECR vulnerability scan outputs for ${{ steps.set-date.outputs.current_datetime }}",
                   "color": "${{ steps.set-color.outputs.color }}",
                   "fields": [
                     {

.trivy/trivy.yaml

@@ -8,5 +8,5 @@ severity:
   - HIGH
   - CRITICAL
 exit-code: 1
-ignorefile: .trivy/.trivyignore.yaml
+#ignorefile: .trivy/.trivyignore.yaml
 debug: true