Open kewei5zhang opened 1 year ago
I was able to solve this issue in my workflow by specifying the platform in trivy.yaml
file.
Example:
In trivy.yaml
:
image:
platform: linux/arm64
In GitHub Workflow file:
- uses: aquasecurity/trivy-action@0.6.0
with:
image-ref: '${{ inputs.AWS_ACCOUNT_ID }}.dkr.ecr.${{ inputs.AWS_REGION }}.amazonaws.com/${{ inputs.registry }}:${{ inputs.tag }}'
trivy-config: trivy.yaml
Found a better solution than trivy.yaml
config file.
See related issue/comment: https://github.com/aquasecurity/trivy-action/issues/279#issuecomment-1925050674
TLDR: specify image platform using TRIVY_
environment variables, like:
# ...
- uses: aquasecurity/trivy-action@0.6.0
if: ${{ steps.image_meta.outputs.IMAGE_META == ''}}
with:
image-ref: '${{ inputs.AWS_ACCOUNT_ID }}.dkr.ecr.${{ inputs.AWS_REGION }}.amazonaws.com/${{ inputs.registry }}:${{ inputs.tag }}'
format: 'table'
exit-code: '0'
ignore-unfixed: true
timeout: '10m0s'
vuln-type: 'os,library'
severity: 'CRITICAL'
env:
TRIVY_PLATFORM: linux/arm64
Behaviour
Steps to reproduce this issue
Expected behaviour
Actual behaviour
Configuration