From 7c954bada5ef0d80e0b84f830efac4fd4355d096 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 20 Nov 2024 09:11:51 -0600 Subject: [PATCH] Update aquasecurity/trivy-action action to v0.29.0 (#83) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/pr-operator.yml | 8 ++++---- .github/workflows/release-operator.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/pr-operator.yml b/.github/workflows/pr-operator.yml index c974095..5c25e1b 100644 --- a/.github/workflows/pr-operator.yml +++ b/.github/workflows/pr-operator.yml @@ -262,7 +262,7 @@ jobs: load: true - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: scan-type: image image-ref: ${{ env.OPERATOR_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }} @@ -270,7 +270,7 @@ jobs: output: "operator-cosignvuln.json" - name: Run Trivy SBOM generator - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: scan-type: image image-ref: ${{ env.OPERATOR_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }} @@ -387,7 +387,7 @@ jobs: load: true - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: scan-type: image image-ref: ${{ env.BUNDLE_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }} @@ -395,7 +395,7 @@ jobs: output: "bundle-cosignvuln.json" - name: Run Trivy SBOM generator - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 with: scan-type: image image-ref: ${{ env.BUNDLE_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }} diff --git a/.github/workflows/release-operator.yml b/.github/workflows/release-operator.yml index 2a5ea2d..4741469 100644 --- a/.github/workflows/release-operator.yml +++ b/.github/workflows/release-operator.yml @@ -337,7 +337,7 @@ jobs: cosign sign --yes ${IMAGE_URI} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} TRIVY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} @@ -348,7 +348,7 @@ jobs: output: "cosign-vuln.json" - name: Run Trivy SBOM generator - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} TRIVY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} @@ -568,7 +568,7 @@ jobs: cosign sign --yes ${IMAGE_URI} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} TRIVY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} @@ -579,7 +579,7 @@ jobs: output: "cosign-vuln.json" - name: Run Trivy SBOM generator - uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 + uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0 env: TRIVY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} TRIVY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}