mirror of https://github.com/aquasecurity/trivy-action.git synced 2026-05-14 03:02:40 +00:00

Files

T

Daniel Pacak 74538091fa docs: Update README.md (#4 )

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>

2020-06-02 21:17:22 +02:00

1.3 KiB

Raw Blame History

Trivy Action

GitHub Action for Trivy

Usage
- Workflow
Customizing
- Inputs

Usage

Workflow

name: build
on:
  push:
    branches:
      - master
  pull_request:
jobs:
  build:
    name: Build
    runs-on: ubuntu-18.04
    steps:
      - name: Setup Go
        uses: actions/setup-go@v1
        with:
          go-version: 1.14
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Build an image from Dockerfile
        run: |
          docker build -t docker.io/my-organization/my-app:${{ github.sha }}
      - name: Run vulnerability scanner
        uses: aquasecurity/trivy-action@0.0.4
        with:
          image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
          format: 'table'
          exit-code: '1'

Customizing

inputs

Following inputs can be used as step.with keys:

Name	Type	Default	Description
`image-ref`	String		Image reference, e.g. `alpine:3.10.2`
`format`	String	`table`	Output format (`table`, `json`)
`exit-code`	String	`0`	exit code when vulnerabilities were found

1.3 KiB Raw Blame History