Add security scan

openvinotoolkit · Jun 4, 2024 · 91ea89c · 91ea89c
1 parent efda5d3
commit 91ea89c
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.github/workflows/code_scan.yml b/.github/workflows/code_scan.yml
@@ -31,7 +31,13 @@ jobs:
         run: |
           pip install .
           pip freeze > requirements.txt
-      - name: Run Trivy scan
+      - name: Run Trivy security scan
+        uses: aquasecurity/[email protected]
+        with:
+          scan-type: fs
+          scan-ref: requirements.txt
+          output: trivy-scan-results.txt
+      - name: Run Trivy spdx scan
         uses: aquasecurity/[email protected]
         with:
           scan-type: fs
@@ -42,4 +48,4 @@ jobs:
         uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: trivy-scan-results
-          path: trivy-scan-results.spdx.json
+          path: trivy-scan-results.*