a20de5420d
feat: store artifacts in cache by default ( #399 )
...
* feat: migrate to a composite action
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* Fix tests
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* Delete an unused input
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* test: expect status code 0
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* test: not use run
https://bats-core.readthedocs.io/en/stable/writing-tests.html#when-not-to-use-run
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* feat: add 'cache' input
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* docs: update README
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* feat: pin Trivy version
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* fix: bump trivy version
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* feat: use date for cache key
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* chore: delete a comment
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* docs: update README
Signed-off-by: knqyf263 <knqyf263@gmail.com >
* refactor: resolve conflicts and use envs
Signed-off-by: knqyf263 <knqyf263@gmail.com >
---------
Signed-off-by: knqyf263 <knqyf263@gmail.com >
2024-10-08 14:20:38 -06:00
1b8b83dcc2
docs: add usage info about action/cache for trivy databases ( #397 )
...
* docs: add info about using `action/cache` for `trivy-db`
* docs: add info about trivy-java-db and trivy-checks
2024-10-07 22:05:39 -06:00
f781cce5aa
feat(trivy): Bump to support v0.56.1 ( #387 )
...
* feat(trivy): Bump to support v0.55.2
* fix tests
* update github workflow
* upgrade to v0.56.0
* bump to trivy v0.56.1
* update tests
2024-10-07 14:14:19 -06:00
54f21d8382
ci: sync trivy-checks version 1 ( #398 )
...
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io >
2024-10-07 12:23:44 -06:00
89b14e517d
Upgrade GitHub actions ( #374 )
...
* Upgrade Github checkout action
* Upgrade Github upload-sarif action
* Upgrade Github checkout action - Pipeline
2024-10-02 14:41:43 -06:00
97646fedde
chore: use checks bundle snapshot from trivy-action ( #388 )
...
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io >
2024-09-19 08:58:52 -06:00
d9cd5b1c23
fix(Makefile): recursive option typo ( #371 )
2024-07-09 10:07:51 -06:00
6e7b7d1fd3
Upgrade trivy to v0.53.0 ( #369 )
...
* Upgrade trivy to v0.53.0
* update tests
---------
Co-authored-by: Simar <simar@linux.com >
2024-07-09 00:19:25 -06:00
7c2007bcb5
Upgrade trivy to v0.52.2 ( #367 )
...
* Upgrade trivy to v0.52.2
* Upgrade trivy to v0.52.2
2024-06-17 16:53:33 -06:00
595be6a0f6
Upgrade trivy to v0.52.0 ( #364 )
2024-06-06 17:41:36 -06:00
841fb371db
chore(docs): Reference the use of a pinned version ( #356 )
2024-05-22 18:59:56 -06:00
fd25fed697
bump trivy version to v0.51.2 ( #360 )
...
* bump trivy version to v0.51.2
* bump trivy version to v0.51.2
2024-05-21 16:33:02 -06:00
b2933f565d
bump trivy version to v0.51.1 ( #353 )
...
* bump trivy version to v0.51.1
* update tests
2024-05-07 21:42:16 -06:00
b2cd5ff52c
Update bump-trivy.yaml
2024-05-07 18:03:36 -06:00
6f8c23760b
update tests ( #334 )
...
* update tests
* rename trivy images
* rename workflow steps
2024-05-06 23:18:53 -06:00
7088d18dcb
Revert "fix: 🐛 allow trivy-config and other options to be used together ( #338 )"
...
This reverts commit ee6a4f5af1
2024-04-26 01:13:05 -06:00
ee6a4f5af1
fix: 🐛 allow trivy-config and other options to be used together ( #338 )
2024-04-25 23:57:46 -06:00
b5f4977b78
Bump trivy version to v0.50.2 ( #341 )
...
Co-authored-by: pdefreitas <5927433+pdefreitas@users.noreply.github.com >
2024-04-22 22:07:09 -06:00
207cd40078
Fix docker host bug ( #329 )
...
* Update entrypoint.sh
should be a value not boolean
* Update action.yaml
add example
* Update README.md
2024-04-04 22:59:05 -06:00
840deb4908
Browse scan reports without GitHub Advanced Security license ( #328 )
2024-04-04 22:58:29 -06:00
0f287db5d3
feat(image): add --docker-host option for GH Action users ( #267 )
...
* add option to update docker-host via cli parameter
* chore: update test results
---------
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com >
2024-04-03 17:26:17 -06:00
f72b7e8127
Make 'hide-progress' input working again ( #323 )
...
* Make hide-progress input working again
* Unify 'hide-progress' default value
2024-03-28 19:06:30 -06:00
d710430a67
bump trivy version to v0.50.1 ( #324 )
2024-03-27 16:22:09 -06:00
062f259268
fix: Refer to scan-ref when scan-type is "sbom" ( #314 )
2024-02-22 14:28:04 -07:00
1f6384b6ce
docs(report): improve documentation around Using Trivy to generate SBOM and sending it to Github ( #307 )
...
* Improved documentation with details on how to send output as an artifact on Github and giving an example of a private image scan
* formatting
* better name for job
2024-02-13 15:20:36 -07:00
84384bd6e7
Upgraded Trivy from 0.48.1 to v0.49.0 ( #304 )
2024-02-05 18:54:03 -07:00
f3d98514b0
fix: Fix skip-files and hide-progress options not being applied when using Sarif report format ( #297 )
...
* Update entrypoint.sh
* Update entrypoint.sh
* Update entrypoint.sh
2024-01-14 14:28:49 -07:00
0b9d17b6b5
docs: add configuration info for flags not supported by inputs ( #296 )
...
* docs: add information about configuration flags not supported by inputs
* docs: add env and config file to Customizing
2024-01-11 15:13:21 -07:00
d43c1f16c0
docs: fix typo in README.md ( #293 )
...
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch >
2024-01-02 17:53:48 -07:00
5f1841df8d
Update Trivy to 0.48.1 ( #291 )
...
* Update Trivy to 0.48.1
Signed-off-by: Martin Kemp <me@martinke.mp >
* update tests
---------
Signed-off-by: Martin Kemp <me@martinke.mp >
Co-authored-by: Simar <simar@linux.com >
2024-01-02 17:51:04 -07:00
91713af97d
Update to trivy version 0.48.0 ( #289 )
...
* Update to trivy version 0.48.0
---------
Signed-off-by: Simar <simar@linux.com >
Co-authored-by: Simar <simar@linux.com >
2023-12-08 11:08:35 -07:00
22d2755f77
feature(config): add terraform variable files ( #285 )
...
* Action now takes an input for terraform variable filess
* added tf-vars
* updated README.md
* Updated yamlconfig test to latest version of trivy output for that container
* updated for correct cpu type
* test trivy version change to 0.45.0
* run scan with correct parameters
* Added test for terraform tfvars
* Updated output for other tests
* use test data as path and updated tf vars to be relative
* removed quiet
2023-12-04 16:27:47 -07:00
2b6a709cf9
Add filesystem alias ( #269 )
2023-11-06 18:35:42 -07:00
47e481a388
Update to trivy version 0.47.0 in Dockerfile ( #280 )
...
See:
- https://github.com/aquasecurity/trivy/releases/tag/v0.47.0
2023-11-06 18:35:08 -07:00
7b07fa7d6a
fix: set return code after each Trivy call ( #247 )
...
This change moves the return code to outside the trivy call. This fixes
#228 as the return code was not being propagated.
2023-11-06 18:32:48 -07:00
f78e9ecf42
Update Dockerfile to 0.46.1 ( #277 )
...
This update fixes https://github.com/aquasecurity/trivy/issues/5441
2023-10-30 18:28:16 -06:00
b77b85c025
Update Dockerfile to 0.46.0 ( #274 )
...
* Update Dockerfile to 0.46.0
This will address bugs before 0.46.0
* updating tests
2023-10-25 11:39:02 -06:00
69cbbc0cbb
fix: mark image-ref attribute optional ( #261 )
2023-09-14 22:32:56 -06:00
fbd16365eb
feat(trivy): Bump to v0.45.0 ( #256 )
2023-09-01 11:44:50 -06:00
559eb1224e
Merge pull request #234 from jdsmithit/patch-1
...
Update README.md to change the example to the new default brach name …
2023-08-07 12:32:05 +01:00
e602665a11
ci: add workflow to bump trivy ( #245 )
...
* ci: add workflow to bump trivy
* update trivy version in tests
* dispatch event workflow_dispatch
* use ORG_REPO_TOKEN secret
2023-07-25 15:58:10 -06:00
3dd517d8c9
chore(deps): Update trivy to v0.43.1 ( #243 )
...
* chore(deps): Update trivy to v0.43.1
* fix tests
Signed-off-by: Simar <simar@linux.com >
---------
Signed-off-by: Simar <simar@linux.com >
2023-07-17 11:07:42 +03:00
41f05d9ecf
Revert "Include args when using trivy config file ( #231 )"
...
Fixes: https://github.com/aquasecurity/trivy-action/issues/238
This reverts commit 82ec0dd604
2023-06-09 16:37:19 -06:00
0cd397afbf
bump trivy to v0.42.1 ( #240 )
...
* bump trivy to v0.42.1
* revert formatting
2023-06-09 12:01:09 -06:00
b43daad0c3
feat: add exit-code parameter to sarif format ( #213 )
2023-06-05 11:19:20 -06:00
dedfa59531
Enhance GitHub Dependency Snapshot upload ( #233 )
2023-06-05 11:12:39 -06:00
f96f79aa22
bump trivy to v0.42.0 ( #237 )
...
* chore(deps): update trivy to v0.42.0
* revert formatting
* revert formatting again
* update sarif version in tests
2023-06-05 11:08:24 -06:00
82ec0dd604
Include args when using trivy config file ( #231 )
...
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided
Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
2023-05-31 14:47:20 -06:00
463f27e2d8
Update README.md to change the example to the new default brach name main from master.
...
Update README.md to change the example to the new default branch name "main" from "master".
I hope this will make the action slightly easier to work with for newer members of the community.
2023-05-12 10:45:16 +01:00
e5f43133f6
chore: Update Trivy to 0.40.0 ( #223 )
...
* chore: Update trivy to 0.39.0
* chore: Update trivy to 0.40.0
2023-04-18 17:44:36 -07:00
Teppei Fukuda
DmitriyLewen
simar7
Nikita Pivkin
Oussama Bounaim
chris
Vinayak S
Francisco Javier Barón
Simar
arairyus
Pedro Freitas
Lukas Gravley
uridium
Calin Marina
uridium
cococig
Maxime Durand
Kyle Davies
Simão Silva
Lucas Bickel
Martin Kemp
Ivan Santos
Victor Sollerhed
Liam MacPherson
Witold Ślęczkowski
Brandon Helms
Pavel Kutáč
Anais Urlichs
Nikita Pivkin
Daniel Chabr
Roger Coll
abriko
Herman Wika Horn
John Smith
Bruce Bujon