File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -221,13 +221,21 @@ jobs:
221221 image_name : ${{ github.repository }}-frontend
222222
223223 steps :
224- - name : Run Trivy vulnerability scanner on ${{ matrix.service }}
224+ - name : Run Trivy vulnerability scanner
225225 uses : aquasecurity/trivy-action@master
226226 with :
227- image-ref : ${{ env.REGISTRY }}/${{ matrix.image_name }}:${{ github.ref_name }}
227+ image-ref : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
228228 format : ' sarif'
229- output : ' trivy-${{ matrix.service }}-results.sarif'
230- test
229+ output : ' trivy-results.sarif'
230+
231+ - name : Upload Trivy results to GitHub Security tab
232+ uses : github/codeql-action/upload-sarif@v3
233+ with :
234+ sarif_file : ' trivy-results.sarif'
235+
236+ pr-comment :
237+ name : Comment on PR
238+ needs : test
231239 if : github.event_name == 'pull_request'
232240 runs-on : ubuntu-latest
233241 permissions :
You can’t perform that action at this time.
0 commit comments