feat: DEVOPS-67 enable trivy scan

pabops · pabops · commit a1914b032c8b · 2026-02-26T11:32:23.000+04:00
diff --git a/.github/workflows/cicd-stg.yml b/.github/workflows/cicd-stg.yml
@@ -16,7 +16,6 @@ jobs:
       id-token: write
       contents: write
     runs-on: ubuntu-22.04
-    if: github.actor != 'dependabot[bot]' && github.ref_name == 'main'
     name: "Build image"
     strategy:
       fail-fast: false
@@ -41,7 +40,7 @@ jobs:
           fetch-depth: 0
 
       - name: Docker build and push - staging
-        uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v2
+        uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@devops-67
         with:
           file: ${{ matrix.file }}
           context: ${{ matrix.context }}
@@ -53,6 +52,7 @@ jobs:
           workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}"
           service-account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}"
           cache-key: ${{ env.REGISTRY }}/${{ matrix.image_name }}-cache
+          trivy-scan: true
           build-args: |
             DEPLOY_ENV=stg
 
