From ab2432b5842e5b0238a967b8758551049a6ce65b Mon Sep 17 00:00:00 2001 From: Enrico Deusebio Date: Wed, 23 Oct 2024 23:55:38 +0200 Subject: [PATCH] [MISC] Enabling scanning for other images --- .github/workflows/build.yaml | 6 ++++++ .github/workflows/trivy.yml | 14 ++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 5202d6cf..06e6ea79 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -2,6 +2,10 @@ name: Build ROCK on: workflow_call: + inputs: + branch: + type: string + default: '' jobs: lint: @@ -27,6 +31,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} - name: Setup LXD uses: canonical/setup-lxd@main diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index e27571ce..6be1abc9 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -3,10 +3,20 @@ on: push: branches: - 3.4-22.04/edge + - 3.5-22.04/edge + - 3.4-22.04/stable + - 3.5-22.04/stable pull_request: + workflow_call: + inputs: + branch: + type: string + default: '' jobs: build: uses: ./.github/workflows/build.yaml + with: + branch: ${{ inputs.branch }} scan: name: Trivy scan and sbom generation needs: build @@ -14,6 +24,9 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + ref: ${{ inputs.branch }} + - name: Install rockcraft (for skopeo) run: | sudo snap install rockcraft --classic --edge @@ -47,6 +60,7 @@ jobs: if: always() with: sarif_file: 'trivy-results.sarif' + ref: ${{ inputs.branch }} - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph uses: aquasecurity/trivy-action@0.20.0