Skip to content

Scan container images #187

Scan container images

Scan container images #187

Workflow file for this run

name: Scan container images
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 4 * * 1' # Every Monday at 9:30 IST
jobs:
build:
strategy:
matrix:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Build an image from Dockerfile
run: |
docker build -f "Dockerfile" -t relay:${{ github.sha }} .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: relay:${{ github.sha }}
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'