From 2876136a07af880562e53d4d925c9d9666c86226 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Thu, 9 Jan 2025 13:55:45 +0200 Subject: [PATCH] Try Trivy Fix (#2182) Signed-off-by: Avgustin Marinov --- .github/workflows/trivy-scan.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 5dcf51a5d..4b2ba1977 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -11,10 +11,6 @@ jobs: scan: runs-on: ubuntu-latest - # seems needed for github/codeql-action/upload-sarif - permissions: - actions: write - steps: - name: Checkout code uses: actions/checkout@v4 @@ -57,7 +53,9 @@ jobs: done - name: Upload Docker image scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'scans/eclipse-hawkbit/hawkbit' category: "Container Images" + # seems needed for github/codeql-action/upload-sarif + permissions: write