Fix Trivy

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
eclipse-hawkbit · Jan 9, 2025 · 043cdb0 · 043cdb0
1 parent 15be89c
commit 043cdb0
Showing 1 changed file with 1 addition and 7 deletions.
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -11,12 +11,6 @@ jobs:
   scan:
     runs-on: ubuntu-latest
 
-    permissions:
-      contents: read
-      packages: read
-      # seems needed for github/codeql-action/upload-sarif
-      actions: write
-
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -61,5 +55,5 @@ jobs:
       - name: Upload Docker image scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'scans/eclipse-hawkbit/hawkbit'
+          sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-update-server:latest.sarif'
           category: "Container Images"