search

temporalio / docker-builds

Temporal service Docker images build
https://hub.docker.com/r/temporaliotest/auto-setup
MIT License
30 stars 59 forks source link

Update Trivy action #247

Closed jackdawm closed 2 weeks ago

jackdawm commented 2 weeks ago

What was changed

Upgrade the codeql upload action to v3 and have it always run, even in a non-0 exit state.

Why?

This reporting seems to have been broken for 2 years, and I would like to see if the if: always() helps.

Checklist

  1. Closes

  2. How was this tested:

  3. Any docs updates needed?

jackdawm commented 2 weeks ago

Making a note that I have to update this to pull from a different image, and I should clone the public ghcr.io image to our ghcr.io repo in a different action like I did for Semgrep. Otherwise, if you look at the action for this, you'll notice it gets a rate limit error (as expected from https://github.com/aquasecurity/trivy-action/issues/389)