File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 9494 - name : Run TFLint
9595 # assign necessary variables to avoid errors
9696 run : ' tflint --var '' enable_managed_kms_key=true'' --var='' runner_instance={"name_prefix": "a", "name": "b"}'' '
97-
98- tfsec :
99- name : tfsec PR commenter
100- runs-on : ubuntu-latest
101-
102- steps :
103- - name : Clone repo
104- uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
105-
106- - name : tfsec
107- uses : aquasecurity/tfsec-pr-commenter-action@7a44c5dcde5dfab737363e391800629e27b6376b # v1.3.1
108- with :
109- github_token : ${{ github.token }}
Original file line number Diff line number Diff line change 1- # This workflow uses actions that are not certified by GitHub.
2- # They are provided by a third-party and are governed by
3- # separate terms of service, privacy policy, and support
4- # documentation.
5-
6- name : tfsec
1+ name : trivy
72
83on :
94 push :
149permissions : read-all
1510
1611jobs :
17- tfsec :
18- name : tfsec sarif report
12+ trivy :
13+ name : trivy sarif report
1914 runs-on : ubuntu-latest
2015 permissions :
2116 actions : read
@@ -28,13 +23,14 @@ jobs:
2823 with :
2924 persist-credentials : false
3025
31- - name : tfsec
32- uses : aquasecurity/tfsec-sarif- action@21ded20e8ca120cd9d3d6ab04ef746477542a608 # v0.1.4
26+ - name : Run Trivy
27+ uses : aquasecurity/trivy- action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
3328 with :
34- sarif_file : tfsec.sarif
29+ scan-type : config
30+ format : sarif
31+ output : trivy.sarif
3532
3633 - name : Upload SARIF file
3734 uses : github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
3835 with :
39- # Path to SARIF file relative to the root of the repository
40- sarif_file : tfsec.sarif
36+ sarif_file : trivy.sarif
You can’t perform that action at this time.
0 commit comments