diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index a292ca30..3b189097 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -25,7 +25,7 @@ jobs: run: docker build . --file Dockerfile --tag vprodemo.azurecr.io/rpc-go:${{ github.sha }} --tag vprodemo.azurecr.io/rpc-go:latest - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # master + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # master with: image-ref: 'vprodemo.azurecr.io/rpc-go:${{ github.sha }}' format: 'sarif'