Implement Basic Trivy Scanning Workflow #8
docker-security-scan.yml
on: pull_request
Matrix: Scan Project-Built Docker Images
Matrix: Scan Third-Party Docker Images
Upload SARIF Results to GitHub Security
6s
Annotations
11 errors
Scan Third-Party Docker Images (prom/prometheus:v3.0.1)
The artifact name is not valid: sarif-third-party-prom/prometheus:v3.0.1. Contains the following character: Colon :
Invalid characters include: Double quote ", Colon :, Less than <, Greater than >, Vertical bar |, Asterisk *, Question mark ?, Carriage return \r, Line feed \n, Backslash \, Forward slash /
These characters are not allowed in the artifact name due to limitations with certain file systems such as NTFS. To maintain file system agnostic behavior, these characters are intentionally not allowed to prevent potential problems with downloads on different file systems.
Scan Third-Party Docker Images (prom/prometheus:v3.0.1)
Process completed with exit code 1.
Scan Third-Party Docker Images (torrust/tracker:develop)
The artifact name is not valid: sarif-third-party-torrust/tracker:develop. Contains the following character: Colon :
Scan Third-Party Docker Images (torrust/tracker:develop)
Process completed with exit code 1.
Scan Third-Party Docker Images (grafana/grafana:11.4.0)
The artifact name is not valid: sarif-third-party-grafana/grafana:11.4.0. Contains the following character: Colon :
Scan Third-Party Docker Images (grafana/grafana:11.4.0)
Process completed with exit code 1.
Scan Third-Party Docker Images (mysql:8.0)
The artifact name is not valid: sarif-third-party-mysql:8.0. Contains the following character: Colon :
Scan Third-Party Docker Images (mysql:8.0)
Process completed with exit code 1.
Scan Project-Built Docker Images (docker/ssh-server/Dockerfile, docker/ssh-server, ssh-server)
Process completed with exit code 1.
Scan Project-Built Docker Images (docker/provisioned-instance/Dockerfile, docker/provisioned-inst...
Process completed with exit code 1.
Upload SARIF Results to GitHub Security
The CodeQL Action does not support uploading multiple SARIF runs with the same category. Please update your workflow to upload a single run per category. For more information, see https://github.blog/changelog/2025-07-21-code-scanning-will-stop-combining-multiple-sarif-runs-uploaded-in-the-same-sarif-file/
Artifacts
Produced during runtime
| Name | Size | Digest |
|---|---|---|
| sarif-project-provisioned-instance (Expired) | 7.38 KB | sha256:3d887c467e6375876172681a546608d2d657026007e46e43b9422b67cd7825fe |
| sarif-project-ssh-server (Expired) | 1.55 KB | sha256:90ae0323c8bc54bd719f221fe209c02a6d33bba945eea73bdb1262449cf1241b |