trivy action

benjaminjb · Jan 20, 2023 · a76f02a · a76f02a
1 parent c1cfbbd
commit a76f02a
Showing 1 changed file with 2 additions and 6 deletions.
diff --git a/.github/workflows/trivy-scan.yaml b/.github/workflows/trivy-scan.yaml
@@ -22,12 +22,6 @@ jobs:
     steps:
       - uses: actions/checkout@v3
 
-      - name: Log all detected vulnerabilities
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: fs
-          hide-progress: true
-
       # Upload actionable results to the GitHub Security tab.
       # Pull request checks fail according to repository settings.
       #
@@ -40,6 +34,8 @@ jobs:
           ignore-unfixed: true
           format: 'sarif'
           output: 'trivy-results.sarif'
+          hide-progress: true
+          exit-code: 1
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2