Merge pull request #88 from daneshk/main

Revert back to the previous trivy action version
ballerina-platform · Oct 31, 2024 · 40c1d60 · 40c1d60
2 parents 6582cdf + e1ac4f9
commit 40c1d60
Showing 1 changed file with 6 additions and 10 deletions.
diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
@@ -27,17 +27,13 @@ jobs:
       - name: Create lib directory if not exists
         run: mkdir -p ballerina/lib
       - name: Run Trivy vulnerability scanner
-        env:
-          TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
-          TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/[email protected]
         with:
-          scan-type: 'rootfs'
-          scan-ref: '${{ github.workspace.ballerina.lib }}/'
-          format: 'table'
-          timeout: '10m0s'
-          exit-code: '1'
-          scanners: "vuln"
+          scan-type: "rootfs"
+          scan-ref: "/github/workspace/ballerina/lib"
+          format: "table"
+          timeout: "10m0s"
+          exit-code: "1"
       - name: Set version env variable
         run: echo "VERSION=$((grep -w 'version' | cut -d= -f2) < gradle.properties | rev | cut --complement -d- -f1 | rev)" >> $GITHUB_ENV
       - name: Pre release dependency version update