diff --git a/.github/workflows/scan-with-trivy.yml b/.github/workflows/scan-with-trivy.yml index 70ab5af..ecec9dc 100644 --- a/.github/workflows/scan-with-trivy.yml +++ b/.github/workflows/scan-with-trivy.yml @@ -61,7 +61,7 @@ jobs: ref: ${{ github.event.workflow_run.head_branch || github.ref_name }} - name: Run vulnerability scanner if: ${{matrix.scan_enabled == true && inputs.vulnerability_scan == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: ${{ matrix.path }} @@ -76,7 +76,7 @@ jobs: sarif_file: 'trivy-results.sarif' - name: Update GitHub Dependency Graph if: ${{matrix.scan_enabled == true && inputs.update_dependencies_graph == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: ${{ matrix.path }} @@ -85,7 +85,7 @@ jobs: github-pat: ${{ secrets.GITHUB_TOKEN }} - name: Generate CycloneDX SBOM if: ${{matrix.scan_enabled == true && inputs.generate_sbom == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: ${{ matrix.path }} @@ -122,7 +122,7 @@ jobs: steps: - name: Run vulnerability scanner if: ${{inputs.vulnerability_scan == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ matrix.image }} severity: ${{ inputs.severity }} @@ -136,7 +136,7 @@ jobs: sarif_file: 'trivy-results.sarif' - name: Update GitHub Dependency Graph if: ${{inputs.update_dependencies_graph == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ matrix.image }} format: github @@ -144,7 +144,7 @@ jobs: github-pat: ${{ secrets.GITHUB_TOKEN }} - name: Generate CycloneDX SBOM if: ${{inputs.generate_sbom == true}} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ matrix.image }} format: cyclonedx