Commit Graph

63 Commits

Author SHA1 Message Date
Oussama Bounaim 89b14e517d Upgrade GitHub actions (#374)
* Upgrade GitHub checkout action

* Upgrade GitHub upload-sarif action

* Upgrade GitHub checkout action - Pipeline
2024-10-02 14:41:43 -06:00
simar7 841fb371db chore(docs): Reference the use of a pinned version (#356) 2024-05-22 18:59:56 -06:00
Lukas Gravley 207cd40078 Fix docker host bug (#329)
* Update entrypoint.sh

should be a value not boolean

* Update action.yaml

add example

* Update README.md
2024-04-04 22:59:05 -06:00
uridium 840deb4908 Browse scan reports without GitHub Advanced Security license (#328) 2024-04-04 22:58:29 -06:00
uridium f72b7e8127 Make 'hide-progress' input working again (#323)
* Make hide-progress input working again

* Unify 'hide-progress' default value
2024-03-28 19:06:30 -06:00
Maxime Durand 1f6384b6ce docs(report): improve documentation around Using Trivy to generate SBOM and sending it to GitHub (#307)
* Improved documentation with details on how to send output as an artifact on GitHub and giving an example of a private image scan

* formatting

* better name for job
2024-02-13 15:20:36 -07:00
DmitriyLewen 0b9d17b6b5 docs: add configuration info for flags not supported by inputs (#296)
* docs: add information about configuration flags not supported by inputs

* docs: add env and config file to Customizing
2024-01-11 15:13:21 -07:00
Lucas Bickel d43c1f16c0 docs: fix typo in README.md (#293)
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
2024-01-02 17:53:48 -07:00
Kyle Davies 22d2755f77 feature(config): add terraform variable files (#285)
* Action now takes an input for terraform variable files

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
2023-12-04 16:27:47 -07:00
John Smith 463f27e2d8 Update README.md to change the example to the new default branch name main from master.
Update README.md to change the example to the new default branch name "main" from "master".

I hope this will make the action slightly easier to work with for newer members of the community.
2023-05-12 10:45:16 +01:00
Guilherme Marz Vazzolla 1a09192c0e docs: improve SBOM documentation (#208)
* fix: dependency graph name occurrences

* feat: improve readability and add useful links

* feat: improve readability and instructions 

Improves readability and adds missing information about github_token, another authentication method.

* feat: add github_token instructions

* feat: add github_token to inputs table

* feat: add "what is an SBOM" link

* fix: GitHub dependency graph name occurrence

* feat: improve SBOM input description

* fix: remove "on pull request" trigger

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>

* fix: outdated input name

---------

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
2023-03-28 17:48:04 -07:00
Viktor Sadovnikov 1f0aa582c8 Rename security-checks to scanners (#211)
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
2023-03-06 21:00:01 -08:00
Michael Cantú ab15891596 Update README.md (#186)
Fix typo
2023-02-01 16:23:59 -08:00
Omar Silva cacfd7a243 docs: add trivy-config to table (#195) 2023-02-01 16:19:16 -08:00
AndreyLevchenko 1e0bef4613 fix(sarif): Add option to limit severities for sarif (aquasecurity#192) (#198) 2023-02-01 16:18:31 -08:00
Engin Diri 12814ff8bc docs: correct format and add output on config scan with sarif (#159) 2022-08-15 11:09:42 -07:00
simar7 5144f05a8d fix(config): Drop mixing of options with yaml config. (#148)
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: https://github.com/aquasecurity/trivy-action/issues/147

Signed-off-by: Simar <simar@linux.com>
2022-07-29 14:30:07 -07:00
simar7 503d3abc15 feat(yaml): Add support for trivy.yaml (#143)
* feat(yaml): Add support for trivy.yaml

Signed-off-by: Simar <simar@linux.com>

* chore: fixing test using trivy v 0.30.0

* chore(deps): Update to use Trivy v0.30.2

Signed-off-by: Simar <simar@linux.com>

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2022-07-21 16:36:46 -07:00
simar7 0105373003 docs(trivy): Add instructions to scan tarballs. (#134)
Signed-off-by: Simar <simar@linux.com>
2022-06-29 14:34:09 -07:00
simar7 7b7aa264d8 feat(SBOM): Support SBOM generation (#129)
* feat(sbom): Support SBOM generation

Signed-off-by: Simar <simar@linux.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* feat(sbom): Send results within the entrypoint.sh

* fix(sbom): Fix leading whitespaces for format var.

Signed-off-by: Simar <simar@linux.com>

* docs(sbom): Update README.md

* docs(sbom): Update README.md

* chore(trivy): Bump Trivy version to 0.29.1

Signed-off-by: Simar <simar@linux.com>

* feat(sbom): Change to fs scan.

Signed-off-by: Simar <simar@linux.com>

* fix(tests): Update SARIF goldenfile

Co-authored-by: Itay Shakury <itay@itaysk.com>
2022-06-22 11:24:39 -07:00
nleconte-csgroup 63b6e4c61b docs: added missing HTML template and removed deprecated SARIF template (#132)
* docs: add missing template

* docs: add missing template and remove deprecated

Add missing HTML template
Remove deprecated SARIF template

* docs: remove deprecated SARIF template
2022-06-21 11:46:57 -07:00
Achton Smidt Winther c666240787 Add missing option to README. (#127) 2022-06-16 08:25:13 -07:00
David Calvert e27605859b feat: update codeql-action/upload-sarif to v2 (#124) 2022-06-15 09:16:34 -07:00
Achton Smidt Winther 4b3b5f928b Add support for --ignorefile option (.trivyignore) (#122)
* Add support for supplying one or more .trivyignore files.

* Fix gitignore for test data.

* Add test for trivyignores option.

* Be explicit about the trivy options we use during testing.

* Add documentation of trivyignores option.
2022-06-14 07:41:49 -07:00
Tanguy Segarra 987beb8186 Enable security checks option for image type (#112)
* Enable security checks option for image type

* Readme: update security checks option

* action.yaml: add default value for security checks option

* echo env var

* action.yaml: remove default value for security checks

* remove useless echo
2022-06-02 14:52:06 -07:00
oranmoshai 9fbcc91008 (feat) Add support for security-checks flag
When using fs mode add option to list of what security issues to detect
2022-04-13 16:25:40 +03:00
Chanaka Lakmal 296212627a Update default value of timeout configuration (#97) 2022-02-24 14:33:03 -08:00
Oran Moshai a7a829a434 chore: update trivy version Dockerfile (#96)
* chore: update trivy version Dockerfile

* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571

* docs: revert template and remove sarif.tpl

* fix: update condition to use format variable

Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2022-02-02 15:19:51 -08:00
Masayoshi Mizutani 8f4c7160b4 feat: Add list-all-pkgs option (#88) 2021-12-16 08:31:49 -08:00
gustavomonarin 9ec80b5796 feat(#59) add support to skip files (#60)
* feat(#59) Add support to skip files

closes #59

* Fix skipFiles parameter check

The check should be if present not if enabled.
2021-11-26 12:01:28 -08:00
rahul2393 a58433e1c9 feat: added support for rootfs command (#84) 2021-11-26 10:32:44 -08:00
Simar 7168e9ba5a feat: Update README to include a case where upload upon failure (#78)
* feat: Update README to include a case where upload is needed upon failure.

Signed-off-by: Simar <simar@linux.com>

* Update README.md
2021-11-16 14:28:39 -08:00
Brandon Sorgdrager 9438b49cc3 Enable config scanning (#56)
* Bump trivy image to enable use of config scan-type

* move --no-progress switch behind input arg and set default

* prevent unrelated args from passing with config scan-type

* fix invalid option passing

* set artifactRef if scanType = config

* Add workflow example for IAC/YAML scanning

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* clean hideProgress input

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
2021-07-27 14:49:55 -07:00
Anand Gautam 09b815c470 feat: add ignore-policy option to filter vulnerabilities (#48)
* feat: add ignore-policy option to filter vulnerabilities

* fix: format README
2021-05-26 13:12:03 -07:00
Simar 0ce0e69d98 Update README.md 2021-05-17 12:03:58 -07:00
rahul2393 fd44a8c1a7 Improve Readme to remove docker build step (#43)
* Remove docker build step

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
2021-05-06 11:00:05 -07:00
rahul2393 731c4a9c64 Update readme to scan private repository (#42)
* Printing env var to debug

* Update Readme to scan private registries.

* Apply suggestions from code review

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
2021-05-06 10:40:05 -07:00
Simar 9c91cd8af6 Update README.md 2021-04-07 12:52:06 -07:00
Donald Piret b38389f8ef feat: add support for cache dire and timeout inputs (#35) 2021-04-07 12:50:09 -07:00
rahul2393 e2054f8b6a Added input option support (#34)
* Added input option support

* Fix position of input flag

* update readme

* Update README.md

Co-authored-by: Simarpreet Singh <simar@linux.com>
2021-03-24 13:54:13 -07:00
Simarpreet Singh 6890ac5cba Update README.md 2021-03-19 15:25:03 -07:00
Anand Gautam c6431cf821 Feat/add skip dirs option (#33)
Fixes: https://github.com/aquasecurity/trivy-action/issues/32
2021-03-19 15:21:09 -07:00
Simarpreet Singh 7294c6a408 Update README.md 2021-02-24 16:54:57 -08:00
Simarpreet Singh df28e4135d Update README.md
Add a guide for using in repo mode
2021-02-24 16:47:59 -08:00
rahul2393 1d28acf359 Add scan type as option (#27)
* Add scan type as option

* Fix exitCode

* remove all options

* Add default value to scanRef and improve shell

* print args

* fix description.

* More changes
2021-02-24 16:31:43 -08:00
Chris Aumann 7684771c94 Add vuln-type parameter (#19)
Co-authored-by: Simarpreet Singh <simar@linux.com>
2021-02-11 13:49:57 -08:00
Simarpreet Singh 8595c5d059 Update README.md 2021-02-05 13:20:20 -08:00
Airtower d8496b917f docs: Add a link to the Trivy repository (#20) 2020-10-15 20:31:54 +02:00
Simarpreet Singh 2e51a7d82c README: Update example yaml
Signed-off-by: Simarpreet Singh <simar@linux.com>
2020-09-17 14:20:40 -07:00
Simarpreet Singh 888827683a Update README.md 2020-08-25 14:20:44 -07:00