aquasecurity/trivy-action
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy-action.git synced 2026-05-14 03:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
224 Commits 7 Branches 75 Tags
dea62cf79abc269fc35dfd161a4539f0d1f92293
Commit Graph

55 Commits

Author SHA1 Message Date
Argon-DevOps-Mgt dea62cf79a chore(deps): Update trivy to v0.70.0 (#559) 
Co-authored-by: GitHub Actions <actions@github.com>
 2026-04-22 12:55:59 +06:00
Nikita Pivkin 264c9c5e18 test: use pinned digests for trivy-db, trivy-java-db and trivy-checks (#555) 2026-04-13 14:53:11 +06:00
Aqua Security automated builds 57a97c7e78 chore(deps): Update trivy to v0.69.3 (#519) 
Co-authored-by: nikpivkin <nikpivkin@users.noreply.github.com>
 2026-03-04 13:13:53 +06:00
DmitriyLewen 97e0b3872f chore: bump Trivy version to v0.69.2 in test workflow and README (#515) 2026-03-02 09:22:29 +06:00
Nikita Pivkin 5a9fbb1236 supress progress bar when download db 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-25 15:15:54 +06:00
Nikita Pivkin df85774a45 add comment about fd3 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-25 13:06:11 +06:00
Nikita Pivkin 56c8daebb9 remove unused variable 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-25 12:50:43 +06:00
Nikita Pivkin 6476b939ea feat: support for YAML ignore file 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-20 19:06:31 +06:00
Aqua Security automated builds c1824fd6ed chore(deps): Update trivy to v0.69.1 (#506) 
Co-authored-by: simar7 <simar7@users.noreply.github.com>
 2026-02-12 12:51:05 -07:00
Nikita Pivkin 5eb7ef2605 ci: use checks bundle v2 in sync workflow (#505) 
* ci: use checks bundle v2 in sync workflow

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* test: update golden files

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

---------

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-12 12:37:57 -07:00
simar7 0024b3f39e chore(deps): Update trivy to v0.68.1 2025-12-11 05:31:14 +00:00
Nikita Pivkin 83690f7d38 ci: install trivy in bump-trivy workflow and update tests (#495) 
* ci: install trivy in bump-trivy workflow

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* test: diasble list-all-pkgs and remove ReportID

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* ci: run tests after updating golden files

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* fix BATS_LIB_PATH setting

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

---------

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-12-10 22:30:00 -07:00
Nikita Pivkin 85abccb4a4 dev: delete fanal.db before tests 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-08-27 13:05:59 +06:00
Nikita Pivkin 71f6a8fb8b dev: add update-golden goal 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-08-27 12:20:05 +06:00
Nikita Pivkin bf330b1153 test: update golden files 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-08-27 12:19:06 +06:00
Simar 636fd3c4eb fix: update tests 2025-08-26 19:12:07 -06:00
Aqua Security automated builds 76071ef0d7 chore(deps): Update trivy to v0.63.0 (#467) 
* chore(deps): Update trivy to v0.63.0

* update test data

---------

Co-authored-by: simar7 <simar7@users.noreply.github.com>
Co-authored-by: Simar <simar@linux.com>
 2025-06-03 13:38:46 +06:00
Rob Vesse 7aca5acc95 fix: Trivy action inputs leaking between invocations (#422) (#454) 
* fix: use trivy_envs.txt for envs

* test: add test step

* refactor

* refactor

* test

* refactor: use `export` in trivy_envs.txt

* test

* test metadata.json

* test metadata.json

* Clean up envs file better (#422)

- Explicitly rm -f it at start and end of action
- Also remove temporary test steps from action

* Add BATS test for usage of trivy_envs.txt file (#422)

* Add optional step triggered only when Actions Debug logging

Dump the generated environment variables file only when tests are run
with actions debug logging

* Fix to always set env vars into file (#422)

This is done as long as they have a non-empty input value, or a
non-empty default value.

* Clean up env overwriting

- Remove unnecessary debug statements in the action used during testing
- Additional explanatory comments
- Fix to address case where caller explicitly injects environment
  variables, either via env: block on the action call or via GITHUB_ENV

* Further refine env var setting logic (#422)

Noted in documenting this fix that what had been implemented deviated
from the existing configuration priority documentation.  Amended the
implementation of the Action to try and restore that consistency.

* Fix shell syntax error (#422)

---------

Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2025-04-04 23:59:10 -06:00
Nikita Pivkin 6c175e9c40 chore: bump trivy to v0.60.0 (#453) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-03-13 20:58:00 -06:00
simar7 18f2510ee3 chore(deps): Bump trivy to v0.57.1 (#434) 
* chore(deps): Bump trivy to v0.57.1

* update tests

* use mirrors from mirror.gcr.io

* update workflow for tests

* Revert "use mirrors from mirror.gcr.io"

This reverts commit 529a941eed.
 2024-11-19 17:11:53 -07:00
Teppei Fukuda a20de5420d feat: store artifacts in cache by default (#399) 
* feat: migrate to a composite action

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* Fix tests

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* Delete an unused input

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* test: expect status code 0

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* test: not use run

https://bats-core.readthedocs.io/en/stable/writing-tests.html#when-not-to-use-run

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: add 'cache' input

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: update README

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: pin Trivy version

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix: bump trivy version

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: use date for cache key

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* chore: delete a comment

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: update README

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* refactor: resolve conflicts and use envs

Signed-off-by: knqyf263 <knqyf263@gmail.com>

---------

Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-10-08 14:20:38 -06:00
simar7 f781cce5aa feat(trivy): Bump to support v0.56.1 (#387) 
* feat(trivy): Bump to support v0.55.2

* fix tests

* update github workflow

* upgrade to v0.56.0

* bump to trivy v0.56.1

* update tests
 2024-10-07 14:14:19 -06:00
Vinayak S 6e7b7d1fd3 Upgrade trivy to v0.53.0 (#369) 
* Upgrade trivy to v0.53.0

* update tests

---------

Co-authored-by: Simar <simar@linux.com>
 2024-07-09 00:19:25 -06:00
simar7 b2933f565d bump trivy version to v0.51.1 (#353) 
* bump trivy version to v0.51.1

* update tests
 2024-05-07 21:42:16 -06:00
Nikita Pivkin 6f8c23760b update tests (#334) 
* update tests

* rename trivy images

* rename workflow steps
 2024-05-06 23:18:53 -06:00
Calin Marina 0f287db5d3 feat(image): add --docker-host option for GH Action users (#267) 
* add option to update docker-host via cli parameter

* chore: update test results

---------

Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2024-04-03 17:26:17 -06:00
Martin Kemp 5f1841df8d Update Trivy to 0.48.1 (#291) 
* Update Trivy to 0.48.1

Signed-off-by: Martin Kemp <me@martinke.mp>

* update tests

---------

Signed-off-by: Martin Kemp <me@martinke.mp>
Co-authored-by: Simar <simar@linux.com>
 2024-01-02 17:51:04 -07:00
Ivan Santos 91713af97d Update to trivy version 0.48.0 (#289) 
* Update to trivy version 0.48.0

 

---------

Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
 2023-12-08 11:08:35 -07:00
Kyle Davies 22d2755f77 feature(config): add terraform variable files (#285) 
* Action now takes an input for terraform variable filess

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
 2023-12-04 16:27:47 -07:00
Brandon Helms b77b85c025 Update Dockerfile to 0.46.0 (#274) 
* Update Dockerfile to 0.46.0

This will address bugs before 0.46.0

* updating tests
 2023-10-25 11:39:02 -06:00
simar7 fbd16365eb feat(trivy): Bump to v0.45.0 (#256) 2023-09-01 11:44:50 -06:00
simar7 3dd517d8c9 chore(deps): Update trivy to v0.43.1 (#243) 
* chore(deps): Update trivy to v0.43.1

* fix tests

Signed-off-by: Simar <simar@linux.com>

---------

Signed-off-by: Simar <simar@linux.com>
 2023-07-17 11:07:42 +03:00
Simar 41f05d9ecf Revert "Include args when using trivy config file (#231)" 
Fixes: https://github.com/aquasecurity/trivy-action/issues/238

This reverts commit 82ec0dd604.
 2023-06-09 16:37:19 -06:00
Daniel Chabr 0cd397afbf bump trivy to v0.42.1 (#240) 
* bump trivy to v0.42.1

* revert formatting
 2023-06-09 12:01:09 -06:00
Daniel Chabr f96f79aa22 bump trivy to v0.42.0 (#237) 
* chore(deps): update trivy to v0.42.0

* revert formatting

* revert formatting again

* update sarif version in tests
 2023-06-05 11:08:24 -06:00
Herman Wika Horn 82ec0dd604 Include args when using trivy config file (#231) 
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided

Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
 2023-05-31 14:47:20 -06:00
Bruce Bujon e5f43133f6 chore: Update Trivy to 0.40.0 (#223) 
* chore: Update trivy to 0.39.0

* chore: Update trivy to 0.40.0
 2023-04-18 17:44:36 -07:00
Viktor Sadovnikov 1f0aa582c8 Rename security-checks to scanners (#211) 
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
 2023-03-06 21:00:01 -08:00
DmitriyLewen 43849adf01 bump trivy to v0.38.1 (#215) 2023-03-06 20:58:30 -08:00
Falk Puschner 8bd2f9fbda ⬆️ bump trivy action (#203) 2023-02-10 16:20:50 +09:00
simar7 cff3e9a7f6 feat(trivy): Bump Trivy to v0.37.1 (#199) 
Signed-off-by: Simar <simar@linux.com>
 2023-02-01 16:40:29 -08:00
Aibek 9ab158e859 Add 0.34.0 release (#177) 
* bump to ghcr.io/aquasecurity/trivy:0.33.0

* fix tests

* bump to 0.34.0
 2022-10-31 17:18:27 -07:00
simar7 1db49f5326 feat(trivy): Bump Trivy to v0.31.0 (#165) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/164

Signed-off-by: Simar <simar@linux.com>

Signed-off-by: Simar <simar@linux.com>
 2022-08-16 17:25:38 -07:00
Carol Valencia 0d7cf2ddfb chore: improve message output sbom with gh (#145) 
* fix: merge with master- entrypoint

* chore: gitignore .vscode

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-08-02 15:24:58 -07:00
simar7 5144f05a8d fix(config): Drop mixing of options with yaml config. (#148) 
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: https://github.com/aquasecurity/trivy-action/issues/147

Signed-off-by: Simar <simar@linux.com>
 2022-07-29 14:30:07 -07:00
simar7 81b9a6f5ab Update Dockerfile (#152) 2022-07-26 13:08:58 -07:00
simar7 503d3abc15 feat(yaml): Add support for trivy.yaml (#143) 
* feat(yaml): Add support for trivy.yaml

Signed-off-by: Simar <simar@linux.com>

* chore: fixing test using trivy v 0.30.0

* chore(deps): Update to use Trivy v0.30.2

Signed-off-by: Simar <simar@linux.com>

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-07-21 16:36:46 -07:00
simar7 bc615ae2d7 fix(tests): Update test golden files for Trivy v0.29.2 (#136) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/133
Fixes: https://github.com/aquasecurity/trivy-action/issues/135

Signed-off-by: Simar <simar@linux.com>
 2022-06-29 14:33:23 -07:00
simar7 7b7aa264d8 feat(SBOM): Support SBOM generation (#129) 
* feat(sbom): Support SBOM generation

Signed-off-by: Simar <simar@linux.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* feat(sbom): Send results within the entrypoint.sh

* fix(sbom): Fix leading whitespaces for format var.

Signed-off-by: Simar <simar@linux.com>

* docs(sbom): Update README.md

* docs(sbom): Update README.md

* chore(trivy): Bump Trivy version to 0.29.1

Signed-off-by: Simar <simar@linux.com>

* feat(sbom): Change to fs scan.

Signed-off-by: Simar <simar@linux.com>

* fix(tests): Update SARIF goldenfile

Co-authored-by: Itay Shakury <itay@itaysk.com>
 2022-06-22 11:24:39 -07:00
Carol Valencia 49e970d7ac chore: pinning 0.29.0 trivy (#128) 
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2022-06-17 13:27:39 -07:00