update trivy action

2025-01-20 07:17:10 +08:00
parent 1673c569e6
commit da120ee0be
2 changed files with 8 additions and 7 deletions
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -88,14 +88,13 @@ jobs:
            ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:v${{ steps.meta.outputs.IMAGE_VERSION }}

      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: astounds/trivy-action@v1
        with:
-          image-ref: ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:latest
+          image: ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:latest
+          severity: 'CRITICAL,HIGH'
+          pkg-types: 'os'
          format: 'table'
          exit-code: '1'
-          ignore-unfixed: true
-          vuln-type: 'os'
-          severity: 'CRITICAL,HIGH'

      - name: Push Docker image
        uses: docker/build-push-action@v6