Update action to scan image

canonical · Sep 12, 2024 · 7d22375 · 7d22375
1 parent a0a4ba5
commit 7d22375
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -52,11 +52,13 @@ jobs:
       - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
         uses: aquasecurity/[email protected]
         with:
-          scan-type: 'fs'
+          scan-type: 'image'
           format: 'github'
           output: 'dependency-results.sbom.json'
           image-ref: 'trivy/charmed-spark:test'
           github-pat: ${{ secrets.GITHUB_TOKEN }}
+          severity: "MEDIUM,HIGH,CRITICAL"
+          scanners: "vuln"
 
       - name: Upload trivy report as a Github artifact
         uses: actions/upload-artifact@v4