Try to add security-events: write to trivy scan (#2187)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
11
.github/workflows/trivy-scan.yml
vendored
11
.github/workflows/trivy-scan.yml
vendored
@@ -6,14 +6,16 @@ on:
|
|||||||
- cron: '0 4 * * *'
|
- cron: '0 4 * * *'
|
||||||
# enable running the workflow manually
|
# enable running the workflow manually
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
pull_request:
|
|
||||||
paths:
|
|
||||||
- '.github/trivy-scan.yml'
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
scan:
|
scan:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
packages: read
|
||||||
|
security-events: write
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
@@ -59,5 +61,4 @@ jobs:
|
|||||||
uses: github/codeql-action/upload-sarif@v3
|
uses: github/codeql-action/upload-sarif@v3
|
||||||
with:
|
with:
|
||||||
sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-update-server:latest.sarif'
|
sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-update-server:latest.sarif'
|
||||||
category: "Container Images"
|
category: "Container Images"
|
||||||
debug: true
|
|
||||||
Reference in New Issue
Block a user