aquasecurity/trivy-action
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy-action.git synced 2026-05-14 03:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
199 Commits 7 Branches 75 Tags
5eb7ef2605dd123171cc50b6be71f3b1fefb6a13
Commit Graph

199 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aibek 9ab158e859 Add 0.34.0 release (#177) 
* bump to ghcr.io/aquasecurity/trivy:0.33.0

* fix tests

* bump to 0.34.0
v0.8.0 		2022-10-31 17:18:27 -07:00
Lior Vaisman Argon e55de85bee Add npm to action Dockerfile (#176) 2022-10-25 07:04:22 -07:00
chejn d63413b0a4 Fix github dependency submission API call (#162) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
v0.7.1 		2022-08-17 14:54:57 -07:00
simar7 1db49f5326 feat(trivy): Bump Trivy to v0.31.0 (#165) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/164

Signed-off-by: Simar <simar@linux.com>

Signed-off-by: Simar <simar@linux.com>
v0.7.0 		2022-08-16 17:25:38 -07:00
Engin Diri 12814ff8bc docs: correct format and add output on config scan with sarif (#159) 2022-08-15 11:09:42 -07:00
simar7 cb606dfdb0 fix(sarif): Add timeout and security-checks for sarif (#156) v0.6.2 2022-08-03 17:32:25 -07:00
Carol Valencia 0d7cf2ddfb chore: improve message output sbom with gh (#145) 
* fix: merge with master- entrypoint

* chore: gitignore .vscode

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-08-02 15:24:58 -07:00
simar7 5144f05a8d fix(config): Drop mixing of options with yaml config. (#148) 
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: https://github.com/aquasecurity/trivy-action/issues/147

Signed-off-by: Simar <simar@linux.com>
 2022-07-29 14:30:07 -07:00
simar7 81b9a6f5ab Update Dockerfile (#152) v0.6.1 2022-07-26 13:08:58 -07:00
simar7 503d3abc15 feat(yaml): Add support for trivy.yaml (#143) 
* feat(yaml): Add support for trivy.yaml

Signed-off-by: Simar <simar@linux.com>

* chore: fixing test using trivy v 0.30.0

* chore(deps): Update to use Trivy v0.30.2

Signed-off-by: Simar <simar@linux.com>

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
v0.6.0 		2022-07-21 16:36:46 -07:00
simar7 0105373003 docs(trivy): Add instructions to scan tarballs. (#134) 
Signed-off-by: Simar <simar@linux.com>
v0.5.1 		2022-06-29 14:34:09 -07:00
simar7 bc615ae2d7 fix(tests): Update test golden files for Trivy v0.29.2 (#136) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/133
Fixes: https://github.com/aquasecurity/trivy-action/issues/135

Signed-off-by: Simar <simar@linux.com>
 2022-06-29 14:33:23 -07:00
simar7 7b7aa264d8 feat(SBOM): Support SBOM generation (#129) 
* feat(sbom): Support SBOM generation

Signed-off-by: Simar <simar@linux.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* feat(sbom): Send results within the entrypoint.sh

* fix(sbom): Fix leading whitespaces for format var.

Signed-off-by: Simar <simar@linux.com>

* docs(sbom): Update README.md

* docs(sbom): Update README.md

* chore(trivy): Bump Trivy version to 0.29.1

Signed-off-by: Simar <simar@linux.com>

* feat(sbom): Change to fs scan.

Signed-off-by: Simar <simar@linux.com>

* fix(tests): Update SARIF goldenfile

Co-authored-by: Itay Shakury <itay@itaysk.com>
v0.5.0 		2022-06-22 11:24:39 -07:00
nleconte-csgroup 63b6e4c61b docs: added missing HTML template and removed deprecated SARIF template (#132) 
* docs: add missing template

* docs: add missing template and remove deprecated

Add missing HTML template
Remove deprecated SARIF template

* docs: remove deprecated SARIF template
 2022-06-21 11:46:57 -07:00
Carol Valencia 49e970d7ac chore: pinning 0.29.0 trivy (#128) 
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
v0.4.1 		2022-06-17 13:27:39 -07:00
Achton Smidt Winther c666240787 Add missing option to README. (#127) 2022-06-16 08:25:13 -07:00
David Calvert e27605859b feat: update codeql-action/upload-sarif to v2 (#124) 2022-06-15 09:16:34 -07:00
Achton Smidt Winther 2b22459068 Update tests for 0.28.1 and convert to JSON (#126) 
* Fix bug with test for securityChecks option which caused it to be skipped.

* Convert tests to JSON output only, and update them for Trivy 0.28.1.

* Update CI test to use Trivy 0.28.1.
v0.4.0 		2022-06-15 08:23:38 -07:00
Achton Smidt Winther 4b3b5f928b Add support for --ignorefile option (.trivyignore) (#122) 
* Add support for supplying one or more .trivyignore files.

* Fix gitignore for test data.

* Add test for trivyignores option.

* Be explicit about the trivy options we use during testing.

* Add documentation of trivyignores option.
 2022-06-14 07:41:49 -07:00
Tanguy Segarra 1a53202fc4 Use AWS public ECR instead of rate-limiting dockerhub (#118) 2022-06-08 11:17:38 -07:00
James Luther df3fb7d00b Update Trivy Version in Dockerfile (#117) 
Updated the dockerfile to use the latest release of Trivy.
 2022-06-02 14:53:00 -07:00
Tanguy Segarra 987beb8186 Enable security checks option for image type (#112) 
* Enable security checks option for image type

* Readme: update security checks option

* action.yaml: add default value for security checks option

* echo env var

* action.yaml: remove default value for security checks

* remove useless echo
 2022-06-02 14:52:06 -07:00
Carol Valencia 4b9b6fb4ef chore: update test to version 0.27.1 (#106) 
* chore: update test to version 0.27.0

* chore: add test file secret and update to 0.27.1

* fix: support repository with securityCheck secret

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
v0.3.0 		2022-05-09 13:12:55 -07:00
Carol Valencia 2b30463ddb chore: Update trivy version to 0.26.0 (#102) 
* chore: Update trivy version to 0.25.3

* feat: trivy fs - securityCheck test

* chore: update trivy 0.26.0

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
v0.2.5 		2022-04-18 08:40:37 -07:00
jerbia d7a51817e8 Merge pull request #104 from aquasecurity/feat/security-checks 
(feat) Add support for security-checks flag
v0.2.4 		2022-04-13 22:10:55 +03:00
oranmoshai 9fbcc91008 (feat) Add support for security-checks flag 
When using fs mode add option to list of what security issues to detect
 2022-04-13 16:25:40 +03:00
Carol Valencia 40c4ca9e74 feat: bash unit test - adding repo (#101) 
* feat: bash unit test - adding repo

* fix: clean dummy data

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
v0.2.3 		2022-04-08 15:57:27 -07:00
Carol Valencia f39d29766a chore: Update trivy version to 0.25 (#100) 
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-04-04 10:05:28 -07:00
Chanaka Lakmal 296212627a Update default value of timeout configuration (#97) 2022-02-24 14:33:03 -08:00
Oran Moshai a7a829a434 chore: update trivy version Dockerfile (#96) 
* chore: update trivy version Dockerfile

* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571

* docs: revert template and remove sarif.tpl

* fix: update condition to use format variable

Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
v0.2.2 		2022-02-02 15:19:51 -08:00
Carol Valencia 9c21d3ca2c chore: update trivy version Dockerfile (#89) 
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-01-10 16:47:20 -08:00
Masayoshi Mizutani 8f4c7160b4 feat: Add list-all-pkgs option (#88) v0.2.1 2021-12-16 08:31:49 -08:00
Carol Valencia 81cc8cd841 chore: update trivy version - fixed sarif (#87) 2021-12-10 10:18:11 -08:00
Nick Liffen 0769bbf0d2 Update Dockerfile (#82) v0.2.0 2021-11-26 12:02:01 -08:00
gustavomonarin 9ec80b5796 feat(#59) add support to skip files (#60) 
* feat(#59) Add support to skip files

closes #59

* Fix skipFiles parameter check

The check should be if present not if enabled.
 2021-11-26 12:01:28 -08:00
rahul2393 a58433e1c9 feat: added support for rootfs command (#84) 2021-11-26 10:32:44 -08:00
Simar 7168e9ba5a feat: Update README to include a case where upload upon failure (#78) 
* feat: Update README to include a case where upload is needed upon failure.

Signed-off-by: Simar <simar@linux.com>

* Update README.md
 2021-11-16 14:28:39 -08:00
rahul2393 2a2157eb22 chore: Include skip options other than severity filter option when building SARIF report. (#79) v0.1.0 2021-11-10 13:11:56 -08:00
Simar 1ccef265f5 feat: Build a full SARIF report even if under accepted severity level. (#73) 
Signed-off-by: Simar <simar@linux.com>
v0.0.22 		2021-10-26 17:45:53 -07:00
Simar d62898dfb3 Bump to latest Trivy release v0.0.21 2021-10-26 11:44:53 -07:00
Emil Lengman 6bce46377c bump to version 0.20.0 to add requirements.txt support (#69) 2021-10-26 11:43:48 -07:00
Simar 101d9bacf6 Update action.yaml 2021-10-26 11:42:59 -07:00
Peter Kipping 8eccb55397 Bump base image version to 0.19.2 to fix issue with config scanning. (#58) v0.0.20 2021-08-17 11:50:20 -07:00
Brandon Sorgdrager 9438b49cc3 Enable config scanning (#56) 
* Bump trivy image to enable use of config scan-type

* move --no-progress switch behind input arg and set default

* prevent unrelated args from passing with config scan-type

* fix invalid option passing

* set artifactRef if scanType = config

* Add workflow example for IAC/YAML scanning

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* clean hideProgress input

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
v0.0.19 		2021-07-27 14:49:55 -07:00
Valentin Laurin ac8de07fd1 Pass --cache-dir as global argument to Trivy (#51) v0.0.18 2021-05-27 09:03:06 -07:00
Anand Gautam 09b815c470 feat: add ignore-policy option to filter vulnerabilities (#48) 
* feat: add ignore-policy option to filter vulnerabilities

* fix: format README
 2021-05-26 13:12:03 -07:00
Simar 0ce0e69d98 Update README.md 2021-05-17 12:03:58 -07:00
rahul2393 dba83feec8 fix invalid rule exception for SARIF templates (#47) v0.0.17 2021-05-13 11:25:15 -07:00
Simar c9017eb417 Revert "Use fixed Sarif template (#45)" (#46) 
This reverts commit 4ef054abe6.
 2021-05-13 09:50:48 -07:00
rahul2393 4ef054abe6 Use fixed Sarif template (#45) 2021-05-13 09:49:59 -07:00