💚 [maykinmedia/objects-api#463] Temporarily disable Trivy in CI

maykinmedia · Oct 3, 2024 · dc1e6ba · dc1e6ba
1 parent d03fd1b
commit dc1e6ba
Showing 1 changed file with 22 additions and 22 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -162,28 +162,28 @@ jobs:
  path: image.tar
  retention-days: 1
 
- image_scan:
- runs-on: ubuntu-latest
- name: Scan docker image
- needs:
- - docker
-
- steps:
- - name: Download built image
- uses: actions/download-artifact@v3
- with:
- name: docker-image
- - name: Scan image with Trivy
- uses: aquasecurity/trivy-action@master
- with:
- input: /github/workspace/image.tar # from download-artifact
- format: 'sarif'
- output: 'trivy-results-docker.sarif'
- ignore-unfixed: true
- - name: Upload results to GH Security tab
- uses: github/codeql-action/upload-sarif@v3
- with:
- sarif_file: 'trivy-results-docker.sarif'
+ # image_scan:
+ #  runs-on: ubuntu-latest
+ #  name: Scan docker image
+ #  needs:
+ #  - docker
+
+ #  steps:
+ #  - name: Download built image
+ #  uses: actions/download-artifact@v3
+ #  with:
+ #  name: docker-image
+ #  - name: Scan image with Trivy
+ #  uses: aquasecurity/trivy-action@master
+ #  with:
+ #  input: /github/workspace/image.tar # from download-artifact
+ #  format: 'sarif'
+ #  output: 'trivy-results-docker.sarif'
+ #  ignore-unfixed: true
+ #  - name: Upload results to GH Security tab
+ #  uses: github/codeql-action/upload-sarif@v3
+ #  with:
+ #  sarif_file: 'trivy-results-docker.sarif'
 
  publish:
  needs: