61 Commits (master)

Author SHA1 Message Date
Lukas Gravley 207cd40078
Fix docker host bug (#329)
* Update entrypoint.sh

should be a value not boolean

* Update action.yaml

add example

* Update README.md
1 month ago
uridium 840deb4908
Browse scan reports without GitHub Advanced Security license (#328) 1 month ago
uridium f72b7e8127
Make 'hide-progress' input working again (#323)
* Make hide-progress input working again

* Unify 'hide-progress' default value
2 months ago
Maxime Durand 1f6384b6ce
docs(report): improve documentation around `Using Trivy to generate SBOM` and sending it to Github (#307)
* Improved documentation with details on how to send output as an artifact on Github and giving an example of a private image scan

* formatting

* better name for job
3 months ago
DmitriyLewen 0b9d17b6b5
docs: add configuration info for flags not supported by inputs (#296)
* docs: add information about configuration flags not supported by inputs

* docs: add env and config file to Customizing
4 months ago
Lucas Bickel d43c1f16c0
docs: fix typo in README.md (#293)
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
5 months ago
Kyle Davies 22d2755f77
feature(config): add terraform variable files (#285)
* Action now takes an input for terraform variable files

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
6 months ago
John Smith 463f27e2d8
Update README.md to change the example to the new default branch name main from master.
Update README.md to change the example to the new default branch name "main" from "master".

I hope this will make the action slightly easier to work with for newer members of the community.
1 year ago
Guilherme Marz Vazzolla 1a09192c0e
docs: improve SBOM documentation (#208)
* fix: dependency graph name occurrences

* feat: improve readability and add useful links

* feat: improve readability and instructions 

Improves readability and adds missing information about github_token, another authentication method.

* feat: add github_token instructions

* feat: add github_token to inputs table

* feat: add "what is an SBOM" link

* fix: GitHub dependency graph name occurrence

* feat: improve SBOM input description

* fix: remove "on pull request" trigger

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>

* fix: outdated input name

---------

Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
1 year ago
Viktor Sadovnikov 1f0aa582c8
Rename security-checks to scanners (#211)
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
1 year ago
Michael Cantú ab15891596
Update README.md (#186)
Fix typo
1 year ago
Omar Silva cacfd7a243
docs: add trivy-config to table (#195) 1 year ago
AndreyLevchenko 1e0bef4613
fix(sarif): Add option to limit severities for sarif (aquasecurity#192) (#198) 1 year ago
Engin Diri 12814ff8bc
docs: correct format and add output on config scan with sarif (#159) 2 years ago
simar7 5144f05a8d
fix(config): Drop mixing of options with yaml config. (#148)
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: https://github.com/aquasecurity/trivy-action/issues/147

Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7 503d3abc15
feat(yaml): Add support for trivy.yaml (#143)
* feat(yaml): Add support for trivy.yaml

Signed-off-by: Simar <simar@linux.com>

* chore: fixing test using trivy v 0.30.0

* chore(deps): Update to use Trivy v0.30.2

Signed-off-by: Simar <simar@linux.com>

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
simar7 0105373003
docs(trivy): Add instructions to scan tarballs. (#134)
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7 7b7aa264d8
feat(SBOM): Support SBOM generation (#129)
* feat(sbom): Support SBOM generation

Signed-off-by: Simar <simar@linux.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* feat(sbom): Send results within the entrypoint.sh

* fix(sbom): Fix leading whitespaces for format var.

Signed-off-by: Simar <simar@linux.com>

* docs(sbom): Update README.md

* docs(sbom): Update README.md

* chore(trivy): Bump Trivy version to 0.29.1

Signed-off-by: Simar <simar@linux.com>

* feat(sbom): Change to fs scan.

Signed-off-by: Simar <simar@linux.com>

* fix(tests): Update SARIF goldenfile

Co-authored-by: Itay Shakury <itay@itaysk.com>
2 years ago
nleconte-csgroup 63b6e4c61b
docs: added missing HTML template and removed deprecated SARIF template (#132)
* docs: add missing template

* docs: add missing template and remove deprecated

Add missing HTML template
Remove deprecated SARIF template

* docs: remove deprecated SARIF template
2 years ago
Achton Smidt Winther c666240787
Add missing option to README. (#127) 2 years ago
David Calvert e27605859b
feat: update codeql-action/upload-sarif to v2 (#124) 2 years ago
Achton Smidt Winther 4b3b5f928b
Add support for --ignorefile option (.trivyignore) (#122)
* Add support for supplying one or more .trivyignore files.

* Fix gitignore for test data.

* Add test for trivyignores option.

* Be explicit about the trivy options we use during testing.

* Add documentation of trivyignores option.
2 years ago
Tanguy Segarra 987beb8186
Enable security checks option for image type (#112)
* Enable security checks option for image type

* Readme: update security checks option

* action.yaml: add default value for security checks option

* echo env var

* action.yaml: remove default value for security checks

* remove useless echo
2 years ago
oranmoshai 9fbcc91008
(feat) Add support for security-checks flag
When using fs mode add option to list of what security issues to detect
2 years ago
Chanaka Lakmal 296212627a
Update default value of timeout configuration (#97) 2 years ago
Oran Moshai a7a829a434
chore: update trivy version Dockerfile (#96)
* chore: update trivy version Dockerfile

* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571

* docs: revert template and remove sarif.tpl

* fix: update condition to use format variable

Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2 years ago
Masayoshi Mizutani 8f4c7160b4
feat: Add list-all-pkgs option (#88) 2 years ago
gustavomonarin 9ec80b5796
feat(#59) add support to skip files (#60)
* feat(#59) Add support to skip files

closes #59

* Fix skipFiles parameter check

The check should be if present not if enabled.
3 years ago
rahul2393 a58433e1c9
feat: added support for rootfs command (#84) 3 years ago
Simar 7168e9ba5a
feat: Update README to include a case where upload upon failure (#78)
* feat: Update README to include a case where upload is needed upon failure.

Signed-off-by: Simar <simar@linux.com>

* Update README.md
3 years ago
Brandon Sorgdrager 9438b49cc3
Enable config scanning (#56)
* Bump trivy image to enable use of config scan-type

* move --no-progress switch behind input arg and set default

* prevent unrelated args from passing with config scan-type

* fix invalid option passing

* set artifactRef if scanType = config

* Add workflow example for IAC/YAML scanning

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* clean hideProgress input

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
Anand Gautam 09b815c470
feat: add ignore-policy option to filter vulnerabilities (#48)
* feat: add ignore-policy option to filter vulnerabilities

* fix: format README
3 years ago
Simar 0ce0e69d98
Update README.md 3 years ago
rahul2393 fd44a8c1a7
Improve Readme to remove docker build step (#43)
* Remove docker build step

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
rahul2393 731c4a9c64
Update readme to scan private repository (#42)
* Printing env var to debug

* Update Readme to scan private registries.

* Apply suggestions from code review

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
Simar 9c91cd8af6
Update README.md 3 years ago
Donald Piret b38389f8ef
feat: add support for cache dir and timeout inputs (#35) 3 years ago
rahul2393 e2054f8b6a
Added input option support (#34)
* Added input option support

* Fix position of input flag

* update readme

* Update README.md

Co-authored-by: Simarpreet Singh <simar@linux.com>
3 years ago
Simarpreet Singh 6890ac5cba
Update README.md 3 years ago
Anand Gautam c6431cf821
Feat/add skip dirs option (#33)
Fixes: https://github.com/aquasecurity/trivy-action/issues/32
3 years ago
Simarpreet Singh 7294c6a408
Update README.md 3 years ago
Simarpreet Singh df28e4135d
Update README.md
Add a guide for using in repo mode
3 years ago
rahul2393 1d28acf359
Add scan type as option (#27)
* Add scan type as option

* Fix exitCode

* remove all options

* Add default value to scanRef and improve shell

* print args

* fix description.

* More changes
3 years ago
Chris Aumann 7684771c94
Add vuln-type parameter (#19)
Co-authored-by: Simarpreet Singh <simar@linux.com>
3 years ago
Simarpreet Singh 8595c5d059
Update README.md 3 years ago
Airtower d8496b917f
docs: Add a link to the Trivy repository (#20) 4 years ago
Simarpreet Singh 2e51a7d82c
README: Update example yaml
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago
Simarpreet Singh 888827683a
Update README.md 4 years ago
Simarpreet Singh 6c3dd513ad
README: Clean up cruft
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago
Simarpreet Singh 4edb45e6ff
docs: Fix docs and add improved example repo
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago