Open tarlepp opened 6 months ago
For some reason I'm getting this error with trivy action configuration like:
# GitHub Actions docs # https://help.github.com/en/articles/about-github-actions # https://help.github.com/en/articles/workflow-syntax-for-github-actions name: Vulnerability Scan on: schedule: - cron: '0 12 * * *' workflow_dispatch: jobs: scan: name: Scan docker image with Trivy runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Build the Docker image run: docker build . --file Dockerfile --tag symfony-flex-backend:master - name: Scan image with Trivy uses: lazy-actions/gitrivy@v3 with: token: ${{ secrets.GITHUB_TOKEN }} image: symfony-flex-backend:master ignore-unfixed: true
https://github.com/tarlepp/symfony-flex-backend/blob/master/.github/workflows/vulnerability-scan.yml
and the link to action run - https://github.com/tarlepp/symfony-flex-backend/actions/runs/8486331141/job/23252586636
That severity option is listed in https://github.com/lazy-actions/gitrivy?tab=readme-ov-file#inputs and I'm not even sending that myself.
severity
What I'm doing wrong here?
For some reason I'm getting this error with trivy action configuration like:
https://github.com/tarlepp/symfony-flex-backend/blob/master/.github/workflows/vulnerability-scan.yml
and the link to action run - https://github.com/tarlepp/symfony-flex-backend/actions/runs/8486331141/job/23252586636
That
severity
option is listed in https://github.com/lazy-actions/gitrivy?tab=readme-ov-file#inputs and I'm not even sending that myself.What I'm doing wrong here?