fly6516/Docker-Davinci-Resolve-Project-Server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docker.yml

Browse Source
This commit is contained in:
Elliot Matson 2023-01-31 21:12:56 -06:00 committed by GitHub
parent b25281dba2
commit 8639b3aa18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.github/workflows/docker.yml vendored
View File

@ -73,13 +73,18 @@ jobs:
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
security-scan:
runs-on: ubuntu-latest
permissions:
security-events: write
needs: build-and-push-image
steps:
- name: Run Trivy vulnerability scanner - name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master uses: aquasecurity/trivy-action@master
with: with:
image-ref: ${{ env.DOCKER_IMAGE }} image-ref: ${{ env.DOCKER_IMAGE }}
format: 'sarif' format: 'sarif'
output: 'trivy-results.sarif' output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab - name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v2
with: with: