From ce965f2e6a3374b1930d1254fb79e921203612b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 15:56:59 +0000 Subject: [PATCH] Bump aquasecurity/trivy-action in /.github/workflows Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.21.0 to 0.22.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.21.0...0.22.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/consul-template.yml | 2 +- .github/workflows/docker-nginx-proxy.yml | 2 +- .github/workflows/golang-terratest.yml | 4 ++-- .github/workflows/tool-box.yml | 2 +- .github/workflows/vault-agent.yml | 2 +- .github/workflows/vault.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/consul-template.yml b/.github/workflows/consul-template.yml index 0649a2f6..26968a0d 100644 --- a/.github/workflows/consul-template.yml +++ b/.github/workflows/consul-template.yml @@ -42,7 +42,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: constantin07/consul-template:latest format: sarif diff --git a/.github/workflows/docker-nginx-proxy.yml b/.github/workflows/docker-nginx-proxy.yml index 18730598..61c56b3b 100644 --- a/.github/workflows/docker-nginx-proxy.yml +++ b/.github/workflows/docker-nginx-proxy.yml @@ -41,7 +41,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: 'docker.io/constantin07/docker-nginx-proxy:latest' security-checks: 'vuln,secret,config' diff --git a/.github/workflows/golang-terratest.yml b/.github/workflows/golang-terratest.yml index 8b5db09a..b5129f80 100644 --- a/.github/workflows/golang-terratest.yml +++ b/.github/workflows/golang-terratest.yml @@ -82,7 +82,7 @@ jobs: run: make build - name: Run trivy scan (console output) - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true @@ -90,7 +90,7 @@ jobs: format: table - name: Run trivy scan (report upload) - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true diff --git a/.github/workflows/tool-box.yml b/.github/workflows/tool-box.yml index 7239f350..b20c0a35 100644 --- a/.github/workflows/tool-box.yml +++ b/.github/workflows/tool-box.yml @@ -68,7 +68,7 @@ jobs: run: docker buildx build --load --platform 'linux/arm64' -t ${{ env.IMAGE_NAME }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: ${{ env.IMAGE_NAME }} format: sarif diff --git a/.github/workflows/vault-agent.yml b/.github/workflows/vault-agent.yml index bf15a7c6..667b3509 100644 --- a/.github/workflows/vault-agent.yml +++ b/.github/workflows/vault-agent.yml @@ -85,7 +85,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: sarif diff --git a/.github/workflows/vault.yml b/.github/workflows/vault.yml index c948158a..92febad7 100644 --- a/.github/workflows/vault.yml +++ b/.github/workflows/vault.yml @@ -85,7 +85,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.21.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: 'sarif'