diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index c141aaf5..59b8aa21 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -37,7 +37,7 @@ jobs: export AGENT_VERSION=`go run ./downloader.go -agent-version-latest -staging` ./docker-build.sh . --push - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: ${{ env.DOCKER_IMAGE }}:${{ env.DOCKER_IMAGE_TAG }} format: table diff --git a/.github/workflows/on-demand.yml b/.github/workflows/on-demand.yml index 09c00c61..8d2cc8b7 100644 --- a/.github/workflows/on-demand.yml +++ b/.github/workflows/on-demand.yml @@ -30,7 +30,7 @@ jobs: - name: Run Trivy vulnerability scanner continue-on-error: true - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: ${{ env.DOCKER_IMAGE }}:${{ env.DOCKER_IMAGE_TAG }} format: table diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 7f9c8672..bdc4d171 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -33,7 +33,7 @@ jobs: - name: Run Trivy in table mode # Table output is only useful when running on a pull request or push. if: contains(fromJSON('["push", "pull_request"]'), github.event_name) - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: ${{ env.DOCKER_IMAGE }}:${{ env.DOCKER_IMAGE_TAG }} format: table @@ -47,7 +47,7 @@ jobs: - name: Run Trivy in report mode # Only generate sarif when running nightly on the main branch. if: ${{ github.event_name == 'schedule' }} - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.29.0 with: image-ref: ${{ env.DOCKER_IMAGE }}:${{ env.DOCKER_IMAGE_TAG }} format: "template"