WIP: initial introduction trivy scan

containers / fetchit

FetchIt is used to manage the life cycle and configuration of Podman containers

https://fetchit.readthedocs.io/

GNU Affero General Public License v3.0

124 stars 23 forks source link

WIP: initial introduction trivy scan #251

Closed cooktheryan closed 1 year ago

cooktheryan commented 2 years ago


          image-ref: quay.io/fetchit/fetchit-amd:latest
          format: 'github'
          exit-code: '1'
          ignore-unfixed: true
          output: 'dependency-results.sbom.json'
          github-token: ${{ secrets.GITHUB_TOKEN }}
          vuln-type: 'os,library'
          severity: 'CRITICAL,HIGH'```