From 6b0602dc66c34b3ed5a114db96134dfdb9c77c30 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 15:44:55 +0000 Subject: [PATCH] Bump aquasecurity/trivy-action in /.github/workflows Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.18.0 to 0.19.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.18.0...0.19.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/consul-template.yml | 2 +- .github/workflows/docker-nginx-proxy.yml | 2 +- .github/workflows/golang-terratest.yml | 4 ++-- .github/workflows/tool-box.yml | 2 +- .github/workflows/vault-agent.yml | 2 +- .github/workflows/vault.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/consul-template.yml b/.github/workflows/consul-template.yml index 263b5d04..0661ec90 100644 --- a/.github/workflows/consul-template.yml +++ b/.github/workflows/consul-template.yml @@ -42,7 +42,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: constantin07/consul-template:latest format: sarif diff --git a/.github/workflows/docker-nginx-proxy.yml b/.github/workflows/docker-nginx-proxy.yml index 377db55e..7a1e27bf 100644 --- a/.github/workflows/docker-nginx-proxy.yml +++ b/.github/workflows/docker-nginx-proxy.yml @@ -41,7 +41,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: 'docker.io/constantin07/docker-nginx-proxy:latest' security-checks: 'vuln,secret,config' diff --git a/.github/workflows/golang-terratest.yml b/.github/workflows/golang-terratest.yml index bc02d6cb..9d033869 100644 --- a/.github/workflows/golang-terratest.yml +++ b/.github/workflows/golang-terratest.yml @@ -82,7 +82,7 @@ jobs: run: make build - name: Run trivy scan (console output) - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true @@ -90,7 +90,7 @@ jobs: format: table - name: Run trivy scan (report upload) - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true diff --git a/.github/workflows/tool-box.yml b/.github/workflows/tool-box.yml index 00677593..a241e8e8 100644 --- a/.github/workflows/tool-box.yml +++ b/.github/workflows/tool-box.yml @@ -68,7 +68,7 @@ jobs: run: docker buildx build --load --platform 'linux/arm64' -t ${{ env.IMAGE_NAME }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: ${{ env.IMAGE_NAME }} format: sarif diff --git a/.github/workflows/vault-agent.yml b/.github/workflows/vault-agent.yml index ded1a3df..374dcfcc 100644 --- a/.github/workflows/vault-agent.yml +++ b/.github/workflows/vault-agent.yml @@ -85,7 +85,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: sarif diff --git a/.github/workflows/vault.yml b/.github/workflows/vault.yml index 2f24ff58..c6c7657f 100644 --- a/.github/workflows/vault.yml +++ b/.github/workflows/vault.yml @@ -85,7 +85,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.18.0 + uses: aquasecurity/trivy-action@0.19.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: 'sarif'