andrew_zah
/
trivy-action
mirror of https://github.com/aquasecurity/trivy-action
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
145 Commits
16 Branches
59 Tags
1.5 MiB
use-pinned-version
master
update-to-v0.45.0
update-trivy-v0.43.1
bump-trivy-3
bump-trivy
add-support-for-trivy-config
fix-golden-files
exit-code-test
update-tarball-docs
volume-mounts
update-readme
revert-45-fix_sarif_duplicate_rule_id
knqyf263-patch-1
artifact_types
sarif-support-2
0.0.1
0.0.10
0.0.11
0.0.12
0.0.13
0.0.14
0.0.15
0.0.16
0.0.17
0.0.18
0.0.19
0.0.2
0.0.20
0.0.21
0.0.22
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
0.0.8
0.0.9
0.1.0
0.10.0
0.11.0
0.11.1
0.11.2
0.12.0
0.13.0
0.13.1
0.14.0
0.15.0
0.16.0
0.16.1
0.17.0
0.18.0
0.19.0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.20.0
0.3.0
0.4.0
0.4.1
0.5.0
0.5.1
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.8.0
0.9.0
0.9.1
0.9.2
v0.0.10
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

43 Commits (master)

Author SHA1 Message Date
Simar 7088d18dcb Revert "fix: 🐛 allow trivy-config and other options to be used together (#338)" 
This reverts commit ee6a4f5af1.
 3 weeks ago
arairyus ee6a4f5af1
fix: 🐛 allow trivy-config and other options to be used together (#338) 3 weeks ago
Lukas Gravley 207cd40078
Fix docker host bug (#329) 
* Update entrypoint.sh

should be a value not boolean

* Update action.yaml

add example

* Update README.md
 1 month ago
Calin Marina 0f287db5d3
feat(image): add `--docker-host` option for GH Action users (#267) 
* add option to update docker-host via cli parameter

* chore: update test results

---------

Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
 2 months ago
uridium f72b7e8127
Make 'hide-progress' input working again (#323) 
* Make hide-progress input working again

* Unify 'hide-progress' default value
 2 months ago
cococig 062f259268
fix: Refer to scan-ref when scan-type is "sbom" (#314) 3 months ago
Simão Silva f3d98514b0
fix: Fix `skip-files` and `hide-progress` options not being applied when using Sarif report format (#297) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
 4 months ago
Kyle Davies 22d2755f77
feature(config): add terraform variable files (#285) 
* Action now takes an input for terraform variable filess

* added tf-vars

* updated README.md

* Updated yamlconfig test to latest version of trivy output for that container

* updated for correct cpu type

* test trivy version change to 0.45.0

* run scan with correct parameters

* Added test for terraform tfvars

* Updated output for other tests

* use test data as path and updated tf vars to be relative

* removed quiet
 6 months ago
Kyle Davies 2b6a709cf9
Add filesystem alias (#269) 6 months ago
Liam MacPherson 7b07fa7d6a
fix: set return code after each Trivy call (#247) 
This change moves the return code to outside the trivy call. This fixes
#228 as the return code was not being propagated.
 6 months ago
Simar 41f05d9ecf Revert "Include args when using trivy config file (#231)" 
Fixes: https://github.com/aquasecurity/trivy-action/issues/238

This reverts commit 82ec0dd604.
 12 months ago
Roger Coll b43daad0c3
feat: add exit-code parameter to sarif format (#213) 12 months ago
abriko dedfa59531
Enhance GitHub Dependency Snapshot upload (#233) 12 months ago
Herman Wika Horn 82ec0dd604
Include args when using trivy config file (#231) 
Previously, arguments provided using regular flags
were ignored if a trivy config file was provided

Note that this pull request makes no effort to
deduce or merge desired argument if the same
configuration with different values are provided
both within the config file and as flags. Behaviour
for this case would develop on the implementation
of trivy
 12 months ago
Viktor Sadovnikov 1f0aa582c8
Rename security-checks to scanners (#211) 
* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Renaming securityChecks to runners

* Correcting README
 1 year ago
AndreyLevchenko 1e0bef4613
fix(sarif): Add option to limit severities for sarif (aquasecurity#192) (#198) 1 year ago
chejn d63413b0a4
Fix github dependency submission API call (#162) 
* Update entrypoint.sh

* Update entrypoint.sh

* Update entrypoint.sh
 2 years ago
simar7 cb606dfdb0
fix(sarif): Add timeout and security-checks for sarif (#156) 2 years ago
Carol Valencia 0d7cf2ddfb
chore: improve message output sbom with gh (#145) 
* fix: merge with master- entrypoint

* chore: gitignore .vscode

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2 years ago
simar7 5144f05a8d
fix(config): Drop mixing of options with yaml config. (#148) 
Also adds some documentation explaining how the config
and flags are used in conjunction with each other.

Fixes: https://github.com/aquasecurity/trivy-action/issues/147

Signed-off-by: Simar <simar@linux.com>
 2 years ago
simar7 503d3abc15
feat(yaml): Add support for trivy.yaml (#143) 
* feat(yaml): Add support for trivy.yaml

Signed-off-by: Simar <simar@linux.com>

* chore: fixing test using trivy v 0.30.0

* chore(deps): Update to use Trivy v0.30.2

Signed-off-by: Simar <simar@linux.com>

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2 years ago
simar7 7b7aa264d8
feat(SBOM): Support SBOM generation (#129) 
* feat(sbom): Support SBOM generation

Signed-off-by: Simar <simar@linux.com>

* Update README.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* feat(sbom): Send results within the entrypoint.sh

* fix(sbom): Fix leading whitespaces for format var.

Signed-off-by: Simar <simar@linux.com>

* docs(sbom): Update README.md

* docs(sbom): Update README.md

* chore(trivy): Bump Trivy version to 0.29.1

Signed-off-by: Simar <simar@linux.com>

* feat(sbom): Change to fs scan.

Signed-off-by: Simar <simar@linux.com>

* fix(tests): Update SARIF goldenfile

Co-authored-by: Itay Shakury <itay@itaysk.com>
 2 years ago
Achton Smidt Winther 4b3b5f928b
Add support for --ignorefile option (.trivyignore) (#122) 
* Add support for supplying one or more .trivyignore files.

* Fix gitignore for test data.

* Add test for trivyignores option.

* Be explicit about the trivy options we use during testing.

* Add documentation of trivyignores option.
 2 years ago
Tanguy Segarra 987beb8186
Enable security checks option for image type (#112) 
* Enable security checks option for image type

* Readme: update security checks option

* action.yaml: add default value for security checks option

* echo env var

* action.yaml: remove default value for security checks

* remove useless echo
 2 years ago
Carol Valencia 4b9b6fb4ef
chore: update test to version 0.27.1 (#106) 
* chore: update test to version 0.27.0

* chore: add test file secret and update to 0.27.1

* fix: support repository with securityCheck secret

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2 years ago
oranmoshai 9fbcc91008 (feat) Add support for security-checks flag 
When using fs mode add option to list of what security issues to detect
 2 years ago
Carol Valencia 40c4ca9e74
feat: bash unit test - adding repo (#101) 
* feat: bash unit test - adding repo

* fix: clean dummy data

Co-authored-by: carolina valencia <krol3@users.noreply.github.com>
 2 years ago
Oran Moshai a7a829a434
chore: update trivy version Dockerfile (#96) 
* chore: update trivy version Dockerfile

* Update readme for sarif deprecate
https://github.com/aquasecurity/trivy/discussions/1571

* docs: revert template and remove sarif.tpl

* fix: update condition to use format variable

Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
 2 years ago
Masayoshi Mizutani 8f4c7160b4
feat: Add list-all-pkgs option (#88) 2 years ago
gustavomonarin 9ec80b5796
feat(#59) add support to skip files (#60) 
* feat(#59) Add support to skip files

closes #59

* Fix skipFiles parameter check

The check should be if present not if enabled.
 3 years ago
rahul2393 a58433e1c9
feat: added support for rootfs command (#84) 3 years ago
rahul2393 2a2157eb22
chore: Include skip options other than severity filter option when building SARIF report. (#79) 3 years ago
Simar 1ccef265f5
feat: Build a full SARIF report even if under accepted severity level. (#73) 
Signed-off-by: Simar <simar@linux.com>
 3 years ago
Brandon Sorgdrager 9438b49cc3
Enable config scanning (#56) 
* Bump trivy image to enable use of config scan-type

* move --no-progress switch behind input arg and set default

* prevent unrelated args from passing with config scan-type

* fix invalid option passing

* set artifactRef if scanType = config

* Add workflow example for IAC/YAML scanning

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* Update README.md

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>

* clean hideProgress input

Co-authored-by: Simar <1254783+simar7@users.noreply.github.com>
 3 years ago
Valentin Laurin ac8de07fd1
Pass --cache-dir as global argument to Trivy (#51) 3 years ago
Anand Gautam 09b815c470
feat: add ignore-policy option to filter vulnerabilities (#48) 
* feat: add ignore-policy option to filter vulnerabilities

* fix: format README
 3 years ago
rahul2393 341f810bd6
Pin docker image, and update skip dirs argument passing to trivy (#41) 3 years ago
Donald Piret b38389f8ef
feat: add support for cache dire and timeout inputs (#35) 3 years ago
rahul2393 e2054f8b6a
Added input option support (#34) 
* Added input option support

* Fix position of input flag

* update readme

* Update README.md

Co-authored-by: Simarpreet Singh <simar@linux.com>
 3 years ago
Anand Gautam c6431cf821
Feat/add skip dirs option (#33) 
Fixes: https://github.com/aquasecurity/trivy-action/issues/32
 3 years ago
Teppei Fukuda f5e208a156
feat: suppress progress bar (#31) 
Add `--no-progress`
 3 years ago
Simarpreet Singh bceef37a45
entrypoint: Remove \r from ignoreUnfixed option (#29) 
Signed-off-by: Simarpreet Singh <simar@linux.com>
 3 years ago
rahul2393 1d28acf359
Add scan type as option (#27) 
* Add scan type as option

* Fix exitCode

* remove all options

* Add default value to scanRef and improve shell

* print args

* fix description.

* More changes
 3 years ago