Closed prasrvenkat closed 4 years ago
I have the same problem Following is my github workflow file:
name: Vulnerability Scan
on:
push:
paths:
- '.github/workflows/05_trivy_scan.yml'
- 'resources/iot-c/**'
# Sequence of patterns matched against refs/heads
branches:
- master # Push events on master branch
- 'release*' # Push events to branches matching refs/heads/release_01
jobs:
scan:
name: Docker image Vulnerability Scan
runs-on: ubuntu-18.04
steps:
- name: Pull docker image
run: docker pull dgs19/iot-collector:latest
- name: scan with trivy
uses: homoluctus/gitrivy@v1
with:
image: dgs19/iot-collector:latest
And following is the error I get:
scan with trivy
19s
##[error]Node run failed with exit code 1
Run homoluctus/gitrivy@v1
with:
image: dgs19/iot-collector:latest
trivy_version: latest
severity: HIGH,CRITICAL
vuln_type: os,library
ignore_unfixed: false
issue: true
issue_title: Security Alert
issue_label: trivy,vulnerability
Download URL: https://github.com/aquasecurity/trivy/releases/download/v0.4.3/trivy_0.4.3_Linux-64bit.tar.gz
Trivy Command Path: /home/runner/work/dgs19/dgs19/trivy
##[error]TypeError: cve.References is not iterable
at Trivy.parse (/home/runner/work/_actions/homoluctus/gitrivy/v1/dist/index.js:13352:45)
at /home/runner/work/_actions/homoluctus/gitrivy/v1/dist/index.js:6599:40
at Generator.next (<anonymous>)
at fulfilled (/home/runner/work/_actions/homoluctus/gitrivy/v1/dist/index.js:6555:58)
##[error]cve.References is not iterable
##[error]Node run failed with exit code 1
@prasrvenkat @gerassimos
Thanks for the feedback.
Using it with default options, any idea if I am missing something?