From a35a8c819c56566012a48c655dfd81b43bd7ae50 Mon Sep 17 00:00:00 2001 From: alexanderM91 Date: Fri, 18 Oct 2024 16:11:17 +0200 Subject: [PATCH] Comment out the trivy ignore file --- .github/workflows/ci.yml | 10 ---------- .github/workflows/security.yml | 6 +++--- .trivy/trivy.yaml | 2 +- 3 files changed, 4 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8b5d5dee..fb20523d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -120,16 +120,6 @@ jobs: docker push $NEW_TAG done -# - name: Build for diff and push -# id: docker_build -# uses: docker/build-push-action@v2 -# with: -# push: false -# load: true -# file: ${{ matrix.image }} -# tags: ${{ join(matrix.tags) }} -# platforms: "linux/amd64" - - name: Build and push id: docker_build uses: docker/build-push-action@v2 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index a4d55192..6ca01f82 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -1,10 +1,10 @@ -name: Vulnerability detection +name: ECR vulnerability detection on: schedule: - cron: '0 9 * * *' push: - branches-ignore: + branches: - master jobs: @@ -119,7 +119,7 @@ jobs: "text": "Scanned image tag *${{ matrix.tags }}*.", "attachments": [ { - "pretext": "Vulnerability scan outputs for ${{ steps.set-date.outputs.current_datetime }}", + "pretext": "ECR vulnerability scan outputs for ${{ steps.set-date.outputs.current_datetime }}", "color": "${{ steps.set-color.outputs.color }}", "fields": [ { diff --git a/.trivy/trivy.yaml b/.trivy/trivy.yaml index e190f329..22afc777 100644 --- a/.trivy/trivy.yaml +++ b/.trivy/trivy.yaml @@ -8,5 +8,5 @@ severity: - HIGH - CRITICAL exit-code: 1 -ignorefile: .trivy/.trivyignore.yaml +#ignorefile: .trivy/.trivyignore.yaml debug: true \ No newline at end of file
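Review bot: In `.github/workflows/security.yml` the push filter changes from `branches-ignore: master` to `branches: master`, so on push the scan now runs only for master where it previously ran for every other branch; findings introduced on a feature branch would surface only after merge or at the daily `cron: '0 9 * * *'` run. If that is intended (the new name suggests the job scans images already published to ECR, but the job body is outside this hunk), a comment above the filter such as `# scan only images published from master` would record the reason. If pre-merge coverage is still wanted, a `pull_request:` trigger next to `push:` would keep it. The commit subject mentions only the Trivy ignore file, so this trigger change is easy to miss in history.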
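Review bot: In `.trivy/trivy.yaml` the `ignorefile` key is left as a commented-out line with no reason given, so a reader cannot tell whether the suppressions in `.trivy/.trivyignore.yaml` were dropped on purpose or only for a debugging run. With `exit-code: 1` and severity `HIGH`/`CRITICAL` in the same file, any finding that file suppressed will now fail the scan; that is the stricter setting, but it should be stated. Either delete the line (and the ignore file, if nothing else reads it) or keep it with an explanation, e.g. `# ignorefile disabled: suppressions are not applied, every HIGH/CRITICAL finding fails the scan`. `debug: true` also remains in the surrounding context; confirm that verbose output is wanted on regular runs.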