From 07153ee15d26e237d756c17384578d61568d3ad4 Mon Sep 17 00:00:00 2001
From: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Date: Thu, 9 Jan 2025 14:52:39 +0200
Subject: [PATCH] Try to add security-events: write to trivy scan (#2187)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
---
 .github/workflows/trivy-scan.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 923682126..cb3f74372 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -6,14 +6,16 @@ on:
     - cron: '0 4 * * *'
   # enable running the workflow manually
   workflow_dispatch:
-  pull_request:
-    paths:
-      - '.github/trivy-scan.yml'
 
 jobs:
   scan:
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: read
+      packages: read
+      security-events: write
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -59,5 +61,4 @@ jobs:
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-update-server:latest.sarif'
-          category: "Container Images"
-          debug: true
+          category: "Container Images"
\ No newline at end of file