bump Trivy version from 0.24 to 0.28; run hourly until problem is fixed.

Sage-Bionetworks · Nov 4, 2024 · fe0fa7d · fe0fa7d
1 parent 491d981
commit fe0fa7d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -20,7 +20,7 @@ on:
       IMAGE_NAME:
         required: true
         type: string
-      EXIT_CODE: # # return code for failed scan. 0 means OK.  Non-zero will fail the build when there are findings.
+      EXIT_CODE: # return code for failed scan. 0 means OK.  Non-zero will fail the build when there are findings.
         required: false
         type: number
         default: 0
@@ -55,7 +55,7 @@ jobs:
           }} | docker import - ${{ inputs.IMAGE_NAME }}
 
       - name: Run Trivy vulnerability scanner for any major issues
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.28.0
         id: trivy
         with:
           image-ref: ${{ inputs.IMAGE_NAME }}

diff --git a/.github/workflows/trivy_periodic_image_scan.yml b/.github/workflows/trivy_periodic_image_scan.yml
@@ -9,8 +9,8 @@ name: Trivy Periodic Image Scan
 
 on:
   schedule:
-    # run daily
-    - cron: "0 0 * * *"
+    # run hourly, 10 minutes after the hour
+    - cron: "10 * * * *" # daily "0 0 * * *"
 
 jobs:
   lower-case: