@@ -19,31 +19,15 @@ jobs:
1919 with : { go-version: stable }
2020 - run : go mod download
2121
22- # Login to the GitHub Packages registry to avoid rate limiting.
23- # - https://aquasecurity.github.io/trivy/v0.55/docs/references/troubleshooting/#github-rate-limiting
24- # - https://github.com/aquasecurity/trivy/issues/7580
25- # - https://github.com/aquasecurity/trivy-action/issues/389
26- # - https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry
27- # - https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions
28- - name : Login to GitHub Packages
29- run : >
30- docker login ghcr.io
31- --username '${{ github.actor }}'
32- --password-stdin <<< '${{ secrets.GITHUB_TOKEN }}'
33-
3422 # Report success only when detected licenses are listed in [/trivy.yaml].
35- # The "aquasecurity/trivy-action" action cannot access the Go module cache,
36- # so run Trivy from an image with the cache and local configuration mounted.
37- # - https://github.com/aquasecurity/trivy-action/issues/219
38- # - https://github.com/aquasecurity/trivy/pkgs/container/trivy
3923 - name : Scan licenses
40- run : >
41- docker run
42- --env 'DOCKER_CONFIG=/docker' --volume "${HOME}/.docker:/docker"
43- --env 'GOPATH=/go' --volume "$(go env GOPATH):/go"
44- --workdir '/mnt' --volume "$(pwd):/mnt"
45- 'ghcr.io/aquasecurity/trivy:latest'
46- filesystem --debug -- exit-code=1 --scanners=license .
24+ uses : aquasecurity/trivy-action@master
25+ env :
26+ TRIVY_DEBUG : true
27+ with :
28+ scan-type : filesystem
29+ scanners : license
30+ exit-code : 1
4731
4832 vulnerabilities :
4933 if : ${{ github.repository == 'CrunchyData/postgres-operator' }}
0 commit comments