CI: Add image to scan

bbusse · Jan 10, 2024 · c9e290b · c9e290b
1 parent 8b54fbb
commit c9e290b
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
@@ -7,7 +7,7 @@ on:
 
 jobs:
   build:
-    name: Build
+    name: Scan images
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
@@ -19,3 +19,10 @@ jobs:
           image-ref: 'ghcr.io/bbusse/gtfso-import'
           format: 'sarif'
           output: 'trivy-results.sarif'
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'ghcr.io/bbusse/gtfso-vbb'
+          format: 'sarif'
+          output: 'trivy-results.sarif'