Lukas Gravley
207cd40078
Fix docker host bug ( #329 )
...
* Update entrypoint.sh
should be a value not boolean
* Update action.yaml
add example
* Update README.md
1 month ago
uridium
840deb4908
Browse scan reports without GitHub Advanced Security license ( #328 )
1 month ago
uridium
f72b7e8127
Make 'hide-progress' input working again ( #323 )
...
* Make hide-progress input working again
* Unify 'hide-progress' default value
2 months ago
Maxime Durand
1f6384b6ce
docs(report): improve documentation around `Using Trivy to generate SBOM` and sending it to GitHub ( #307 )
...
* Improved documentation with details on how to send output as an artifact on GitHub and giving an example of a private image scan
* formatting
* better name for job
3 months ago
DmitriyLewen
0b9d17b6b5
docs: add configuration info for flags not supported by inputs ( #296 )
...
* docs: add information about configuration flags not supported by inputs
* docs: add env and config file to Customizing
4 months ago
Lucas Bickel
d43c1f16c0
docs: fix typo in README.md ( #293 )
...
Signed-off-by: Lucas Bickel <hairmare@purplehaze.ch>
5 months ago
Kyle Davies
22d2755f77
feature(config): add terraform variable files ( #285 )
...
* Action now takes an input for terraform variable files
* added tf-vars
* updated README.md
* Updated yamlconfig test to latest version of trivy output for that container
* updated for correct cpu type
* test trivy version change to 0.45.0
* run scan with correct parameters
* Added test for terraform tfvars
* Updated output for other tests
* use test data as path and updated tf vars to be relative
* removed quiet
6 months ago
John Smith
463f27e2d8
Update README.md to change the example to the new default branch name main from master.
...
Update README.md to change the example to the new default branch name "main" from "master".
I hope this will make the action slightly easier to work with for newer members of the community.
1 year ago
Guilherme Marz Vazzolla
1a09192c0e
docs: improve SBOM documentation ( #208 )
...
* fix: dependency graph name occurrences
* feat: improve readability and add useful links
* feat: improve readability and instructions
Improves readability and adds missing information about github_token, another authentication method.
* feat: add github_token instructions
* feat: add github_token to inputs table
* feat: add "what is an SBOM" link
* fix: GitHub dependency graph name occurrence
* feat: improve SBOM input description
* fix: remove "on pull request" trigger
Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
* fix: outdated input name
---------
Co-authored-by: Duncan Casteleyn <10881109+DuncanCasteleyn@users.noreply.github.com>
1 year ago
Viktor Sadovnikov
1f0aa582c8
Rename security-checks to scanners ( #211 )
...
* Renaming securityChecks to runners
* Renaming securityChecks to runners
* Renaming securityChecks to runners
* Correcting README
1 year ago
Michael Cantú
ab15891596
Update README.md ( #186 )
...
Fix typo
1 year ago
Omar Silva
cacfd7a243
docs: add trivy-config to table ( #195 )
1 year ago
AndreyLevchenko
1e0bef4613
fix(sarif): Add option to limit severities for sarif (aquasecurity#192) ( #198 )
1 year ago
Engin Diri
12814ff8bc
docs: correct format and add output on config scan with sarif ( #159 )
2 years ago
simar7
5144f05a8d
fix(config): Drop mixing of options with yaml config. ( #148 )
...
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.
Fixes: https://github.com/aquasecurity/trivy-action/issues/147
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7
503d3abc15
feat(yaml): Add support for trivy.yaml ( #143 )
...
* feat(yaml): Add support for trivy.yaml
Signed-off-by: Simar <simar@linux.com>
* chore: fixing test using trivy v 0.30.0
* chore(deps): Update to use Trivy v0.30.2
Signed-off-by: Simar <simar@linux.com>
Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
2 years ago
simar7
0105373003
docs(trivy): Add instructions to scan tarballs. ( #134 )
...
Signed-off-by: Simar <simar@linux.com>
2 years ago
simar7
7b7aa264d8
feat(SBOM): Support SBOM generation ( #129 )
...
* feat(sbom): Support SBOM generation
Signed-off-by: Simar <simar@linux.com>
* Update README.md
Co-authored-by: Itay Shakury <itay@itaysk.com>
* feat(sbom): Send results within the entrypoint.sh
* fix(sbom): Fix leading whitespaces for format var.
Signed-off-by: Simar <simar@linux.com>
* docs(sbom): Update README.md
* docs(sbom): Update README.md
* chore(trivy): Bump Trivy version to 0.29.1
Signed-off-by: Simar <simar@linux.com>
* feat(sbom): Change to fs scan.
Signed-off-by: Simar <simar@linux.com>
* fix(tests): Update SARIF goldenfile
Co-authored-by: Itay Shakury <itay@itaysk.com>
2 years ago
nleconte-csgroup
63b6e4c61b
docs: added missing HTML template and removed deprecated SARIF template ( #132 )
...
* docs: add missing template
* docs: add missing template and remove deprecated
Add missing HTML template
Remove deprecated SARIF template
* docs: remove deprecated SARIF template
2 years ago
Achton Smidt Winther
c666240787
Add missing option to README. ( #127 )
2 years ago
David Calvert
e27605859b
feat: update codeql-action/upload-sarif to v2 ( #124 )
2 years ago
Achton Smidt Winther
4b3b5f928b
Add support for --ignorefile option (.trivyignore) ( #122 )
...
* Add support for supplying one or more .trivyignore files.
* Fix gitignore for test data.
* Add test for trivyignores option.
* Be explicit about the trivy options we use during testing.
* Add documentation of trivyignores option.
2 years ago
Tanguy Segarra
987beb8186
Enable security checks option for image type ( #112 )
...
* Enable security checks option for image type
* Readme: update security checks option
* action.yaml: add default value for security checks option
* echo env var
* action.yaml: remove default value for security checks
* remove useless echo
2 years ago
oranmoshai
9fbcc91008
(feat) Add support for security-checks flag
...
When using fs mode add option to list of what security issues to detect
2 years ago
Chanaka Lakmal
296212627a
Update default value of timeout configuration ( #97 )
2 years ago
Oran Moshai
a7a829a434
chore: update trivy version Dockerfile ( #96 )
...
* chore: update trivy version Dockerfile
* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571
* docs: revert template and remove sarif.tpl
* fix: update condition to use format variable
Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
2 years ago
Masayoshi Mizutani
8f4c7160b4
feat: Add list-all-pkgs option ( #88 )
2 years ago
gustavomonarin
9ec80b5796
feat( #59 ) add support to skip files ( #60 )
...
* feat(#59 ) Add support to skip files
closes #59
* Fix skipFiles parameter check
The check should be if present not if enabled.
3 years ago
rahul2393
a58433e1c9
feat: added support for rootfs command ( #84 )
3 years ago
Simar
7168e9ba5a
feat: Update README to include a case where upload upon failure ( #78 )
...
* feat: Update README to include a case where upload is needed upon failure.
Signed-off-by: Simar <simar@linux.com>
* Update README.md
3 years ago
Brandon Sorgdrager
9438b49cc3
Enable config scanning ( #56 )
...
* Bump trivy image to enable use of config scan-type
* move --no-progress switch behind input arg and set default
* prevent unrelated args from passing with config scan-type
* fix invalid option passing
* set artifactRef if scanType = config
* Add workflow example for IAC/YAML scanning
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
* clean hideProgress input
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
Anand Gautam
09b815c470
feat: add ignore-policy option to filter vulnerabilities ( #48 )
...
* feat: add ignore-policy option to filter vulnerabilities
* fix: format README
3 years ago
Simar
0ce0e69d98
Update README.md
3 years ago
rahul2393
fd44a8c1a7
Improve Readme to remove docker build step ( #43 )
...
* Remove docker build step
* Update README.md
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
rahul2393
731c4a9c64
Update readme to scan private repository ( #42 )
...
* Printing env var to debug
* Update Readme to scan private registries.
* Apply suggestions from code review
Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
3 years ago
Simar
9c91cd8af6
Update README.md
3 years ago
Donald Piret
b38389f8ef
feat: add support for cache dir and timeout inputs ( #35 )
3 years ago
rahul2393
e2054f8b6a
Added input option support ( #34 )
...
* Added input option support
* Fix position of input flag
* update readme
* Update README.md
Co-authored-by: Simarpreet Singh <simar@linux.com>
3 years ago
Simarpreet Singh
6890ac5cba
Update README.md
3 years ago
Anand Gautam
c6431cf821
Feat/add skip dirs option ( #33 )
...
Fixes: https://github.com/aquasecurity/trivy-action/issues/32
3 years ago
Simarpreet Singh
7294c6a408
Update README.md
3 years ago
Simarpreet Singh
df28e4135d
Update README.md
...
Add a guide for using in repo mode
3 years ago
rahul2393
1d28acf359
Add scan type as option ( #27 )
...
* Add scan type as option
* Fix exitCode
* remove all options
* Add default value to scanRef and improve shell
* print args
* fix description.
* More changes
3 years ago
Chris Aumann
7684771c94
Add vuln-type parameter ( #19 )
...
Co-authored-by: Simarpreet Singh <simar@linux.com>
3 years ago
Simarpreet Singh
8595c5d059
Update README.md
3 years ago
Airtower
d8496b917f
docs: Add a link to the Trivy repository ( #20 )
4 years ago
Simarpreet Singh
2e51a7d82c
README: Update example yaml
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago
Simarpreet Singh
888827683a
Update README.md
4 years ago
Simarpreet Singh
6c3dd513ad
README: Clean up cruft
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago
Simarpreet Singh
4edb45e6ff
docs: Fix docs and add improved example repo
...
Signed-off-by: Simarpreet Singh <simar@linux.com>
4 years ago