Skip to content
IaC Security Scan (Trivi)

Create CODE_OF_CONDUCT.md #15

Sign in to view logs

Create CODE_OF_CONDUCT.md

Create CODE_OF_CONDUCT.md #15

Workflow file for this run

.github/workflows/iac_scanner.yml at db24bd4
name: IaC Security Scan (Trivi)
on:
push:
branches:
- main
jobs:
deploy-and-scan:
name: Run IaC Security Scan with Trivi
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Trivy
run: |
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -cs) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update && sudo apt-get install -yq trivy
build:
name: IaC Scan
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@master
with:
scan-type: "fs"
scanners: "misconfig"
scan-ref: "."
hide-progress: false
format: "table"
ignore-unfixed: true
# severity: "HIGH,CRITICAL,MEDIUM"
# exit-code: 1