From 5f8649d62552f673df7515ffc82d820ca16c363e Mon Sep 17 00:00:00 2001 From: Seth Grover Date: Tue, 15 Oct 2024 10:40:48 -0600 Subject: [PATCH] Set trivy-action to v0.28.0 --- .github/workflows/api-build-and-push-ghcr.yml | 2 +- .github/workflows/arkime-build-and-push-ghcr.yml | 2 +- .github/workflows/dashboards-build-and-push-ghcr.yml | 2 +- .github/workflows/dashboards-helper-build-and-push-ghcr.yml | 2 +- .github/workflows/dirinit-build-and-push-ghcr.yml | 2 +- .github/workflows/file-monitor-build-and-push-ghcr.yml | 2 +- .github/workflows/file-upload-build-and-push-ghcr.yml | 2 +- .github/workflows/filebeat-build-and-push-ghcr.yml | 2 +- .github/workflows/freq-build-and-push-ghcr.yml | 2 +- .github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml | 2 +- .github/workflows/htadmin-build-and-push-ghcr.yml | 2 +- .github/workflows/logstash-build-and-push-ghcr.yml | 2 +- .github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml | 2 +- .github/workflows/netbox-build-and-push-ghcr.yml | 2 +- .github/workflows/nginx-build-and-push-ghcr.yml | 2 +- .github/workflows/opensearch-build-and-push-ghcr.yml | 2 +- .github/workflows/pcap-capture-build-and-push-ghcr.yml | 2 +- .github/workflows/pcap-monitor-build-and-push-ghcr.yml | 2 +- .github/workflows/postgresql-build-and-push-ghcr.yml | 2 +- .github/workflows/redis-build-and-push-ghcr.yml | 2 +- .github/workflows/suricata-build-and-push-ghcr.yml | 2 +- .github/workflows/zeek-build-and-push-ghcr.yml | 2 +- 22 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/api-build-and-push-ghcr.yml b/.github/workflows/api-build-and-push-ghcr.yml index 37a047487..b3b80ad35 100644 --- a/.github/workflows/api-build-and-push-ghcr.yml +++ b/.github/workflows/api-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/arkime-build-and-push-ghcr.yml b/.github/workflows/arkime-build-and-push-ghcr.yml index be04c764a..6202c0138 100644 --- a/.github/workflows/arkime-build-and-push-ghcr.yml +++ b/.github/workflows/arkime-build-and-push-ghcr.yml @@ -115,7 +115,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/dashboards-build-and-push-ghcr.yml b/.github/workflows/dashboards-build-and-push-ghcr.yml index 3d1d2920d..52706f552 100644 --- a/.github/workflows/dashboards-build-and-push-ghcr.yml +++ b/.github/workflows/dashboards-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/dashboards-helper-build-and-push-ghcr.yml b/.github/workflows/dashboards-helper-build-and-push-ghcr.yml index e5a1b5ec4..4afffa301 100644 --- a/.github/workflows/dashboards-helper-build-and-push-ghcr.yml +++ b/.github/workflows/dashboards-helper-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/dirinit-build-and-push-ghcr.yml b/.github/workflows/dirinit-build-and-push-ghcr.yml index a9a6d42d7..5cf0424fd 100644 --- a/.github/workflows/dirinit-build-and-push-ghcr.yml +++ b/.github/workflows/dirinit-build-and-push-ghcr.yml @@ -100,7 +100,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/file-monitor-build-and-push-ghcr.yml b/.github/workflows/file-monitor-build-and-push-ghcr.yml index f45f9fb33..867e8ebc8 100644 --- a/.github/workflows/file-monitor-build-and-push-ghcr.yml +++ b/.github/workflows/file-monitor-build-and-push-ghcr.yml @@ -110,7 +110,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/file-upload-build-and-push-ghcr.yml b/.github/workflows/file-upload-build-and-push-ghcr.yml index ed4218bd7..727280a0f 100644 --- a/.github/workflows/file-upload-build-and-push-ghcr.yml +++ b/.github/workflows/file-upload-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/filebeat-build-and-push-ghcr.yml b/.github/workflows/filebeat-build-and-push-ghcr.yml index 2709bf39e..e43152c86 100644 --- a/.github/workflows/filebeat-build-and-push-ghcr.yml +++ b/.github/workflows/filebeat-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/freq-build-and-push-ghcr.yml b/.github/workflows/freq-build-and-push-ghcr.yml index a87bc2e1e..acdc4f6e8 100644 --- a/.github/workflows/freq-build-and-push-ghcr.yml +++ b/.github/workflows/freq-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml b/.github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml index 718033682..50a19f596 100644 --- a/.github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml +++ b/.github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml @@ -141,7 +141,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'fs' scan-ref: './hedgehog-iso' diff --git a/.github/workflows/htadmin-build-and-push-ghcr.yml b/.github/workflows/htadmin-build-and-push-ghcr.yml index 80211a6ee..dbcb71779 100644 --- a/.github/workflows/htadmin-build-and-push-ghcr.yml +++ b/.github/workflows/htadmin-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/logstash-build-and-push-ghcr.yml b/.github/workflows/logstash-build-and-push-ghcr.yml index b95397938..407c302ae 100644 --- a/.github/workflows/logstash-build-and-push-ghcr.yml +++ b/.github/workflows/logstash-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml b/.github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml index c3c65064d..01b4ff5a1 100644 --- a/.github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml +++ b/.github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml @@ -148,7 +148,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'fs' scan-ref: './malcolm-iso' diff --git a/.github/workflows/netbox-build-and-push-ghcr.yml b/.github/workflows/netbox-build-and-push-ghcr.yml index 1bb83012a..5063f5787 100644 --- a/.github/workflows/netbox-build-and-push-ghcr.yml +++ b/.github/workflows/netbox-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/nginx-build-and-push-ghcr.yml b/.github/workflows/nginx-build-and-push-ghcr.yml index da13854b6..eb8d89012 100644 --- a/.github/workflows/nginx-build-and-push-ghcr.yml +++ b/.github/workflows/nginx-build-and-push-ghcr.yml @@ -120,7 +120,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/opensearch-build-and-push-ghcr.yml b/.github/workflows/opensearch-build-and-push-ghcr.yml index d26cd92a0..d3c1f52b5 100644 --- a/.github/workflows/opensearch-build-and-push-ghcr.yml +++ b/.github/workflows/opensearch-build-and-push-ghcr.yml @@ -112,7 +112,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/pcap-capture-build-and-push-ghcr.yml b/.github/workflows/pcap-capture-build-and-push-ghcr.yml index 1dc03a712..3d0bf4e7f 100644 --- a/.github/workflows/pcap-capture-build-and-push-ghcr.yml +++ b/.github/workflows/pcap-capture-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/pcap-monitor-build-and-push-ghcr.yml b/.github/workflows/pcap-monitor-build-and-push-ghcr.yml index 724cc2615..f66cb71a1 100644 --- a/.github/workflows/pcap-monitor-build-and-push-ghcr.yml +++ b/.github/workflows/pcap-monitor-build-and-push-ghcr.yml @@ -113,7 +113,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/postgresql-build-and-push-ghcr.yml b/.github/workflows/postgresql-build-and-push-ghcr.yml index 6e2ea78a5..9369feff2 100644 --- a/.github/workflows/postgresql-build-and-push-ghcr.yml +++ b/.github/workflows/postgresql-build-and-push-ghcr.yml @@ -112,7 +112,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/redis-build-and-push-ghcr.yml b/.github/workflows/redis-build-and-push-ghcr.yml index 0a3050c93..635728f2f 100644 --- a/.github/workflows/redis-build-and-push-ghcr.yml +++ b/.github/workflows/redis-build-and-push-ghcr.yml @@ -112,7 +112,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/suricata-build-and-push-ghcr.yml b/.github/workflows/suricata-build-and-push-ghcr.yml index 5df7e1084..ec6ebadc6 100644 --- a/.github/workflows/suricata-build-and-push-ghcr.yml +++ b/.github/workflows/suricata-build-and-push-ghcr.yml @@ -112,7 +112,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln' diff --git a/.github/workflows/zeek-build-and-push-ghcr.yml b/.github/workflows/zeek-build-and-push-ghcr.yml index cba988b57..8d2dda621 100644 --- a/.github/workflows/zeek-build-and-push-ghcr.yml +++ b/.github/workflows/zeek-build-and-push-ghcr.yml @@ -114,7 +114,7 @@ jobs: name: Run Trivy vulnerability scanner if: ${{ matrix.platform == 'linux/amd64' }} id: trivy-scan - uses: aquasecurity/trivy-action@v0.28.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' scanners: 'vuln'