From 015957e40643503a12f45701a6fc981fec288b31 Mon Sep 17 00:00:00 2001
From: jandroav
Date: Fri, 1 Dec 2023 14:31:34 +0100
Subject: [PATCH] chore(trivy.yml): remove matrix strategy for building Docker images to simplify the workflow fix(trivy.yml): update image-ref and sarif_file values to remove matrix suffix for consistency and clarity
---
 .github/workflows/trivy.yml | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 788b86ca..039d55ec 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -25,31 +25,25 @@ jobs:
 actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
 name: Build
 runs-on: "ubuntu-20.04"
- strategy:
- matrix:
- image: [
- {dockerfile: Dockerfile, suffix: ''},
- {dockerfile: Dockerfile.alpine, suffix: '-alpine'},
- ]
 steps:
 - name: Checkout code
 uses: actions/checkout@v4
 - name: Build an image from Dockerfile
 run: |
- docker build -t liquibase/liquibase${{ matrix.image.suffix }}:${{ github.sha }} -f ${{ matrix.image.dockerfile }} .
+ docker build -t liquibase/liquibase:${{ github.sha }} .
 - name: Run Trivy vulnerability scanner
 uses: aquasecurity/trivy-action@b77b85c0254bba6789e787844f0585cde1e56320
 with:
- image-ref: 'liquibase/liquibase${{ matrix.image.suffix }}:${{ github.sha }}'
+ image-ref: 'liquibase/liquibase:${{ github.sha }}'
 format: 'sarif'
- output: 'trivy-results${{ matrix.image.suffix }}.sarif'
+ output: 'trivy-results.sarif'
 - name: Upload Trivy scan results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@v2
 with:
- sarif_file: 'trivy-results${{ matrix.image.suffix }}.sarif'
+ sarif_file: 'trivy-results.sarif'
 - name: Generate Security Report
 uses: rsdmike/github-security-report-action@v3.0.4
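Review bot: After this change only the image built from the default `Dockerfile` reaches the Trivy step (`image-ref: 'liquibase/liquibase:${{ github.sha }}'`), so the variant the removed matrix built from `Dockerfile.alpine` no longer gets a scan or a SARIF upload. If that image is still published, its base-image and package findings will stop appearing in the Security tab with no failing signal to show the gap. If the matrix was dropped because the two uploads collided (an assumption, the commit message only says "simplify"), keeping it and adding `category: 'trivy${{ matrix.image.suffix }}'` under the upload-sarif `with:` would keep both result sets distinct. Otherwise a comment above the build step such as `# Dockerfile.alpine is scanned in <other workflow>` would record where that coverage now lives. The job definition starts above this hunk and the final step continues below it.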