From eaa5a74c7970825e005c4fca3a9e8669d7ae7615 Mon Sep 17 00:00:00 2001
From: Jonathan Knight <jk@thegridman.com>
Date: Fri, 25 Oct 2024 19:26:09 +0300
Subject: [PATCH] Update Trivy GitHub workflows

---
 Makefile | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/Makefile b/Makefile
index be6a0af8..fb605231 100644
--- a/Makefile
+++ b/Makefile
@@ -1974,19 +1974,17 @@ tanzu-install: ## Install the Coherence Operator package into Tanzu
 # ======================================================================================================================
 ##@ Miscellaneous
 
-TRIVY_IMAGE=ghcr.io/aquasecurity/trivy:0.54.1
 TRIVY_CACHE ?=
 
 .PHONY: trivy-scan
 trivy-scan: build-operator-images $(TOOLS_BIN)/trivy ## Scan the Operator image using Trivy
-
 ifeq (Darwin, $(UNAME_S))
-	$(TOOLS_BIN)/trivy --cache-dir $(HOME)/Library/Caches/trivy image $(OPERATOR_IMAGE)
+	$(TOOLS_BIN)/trivy --exit-code 1 --severity CRITICAL,HIGH --cache-dir $(HOME)/Library/Caches/trivy image $(OPERATOR_IMAGE)
 else
 ifdef TRIVY_CACHE
-	$(TOOLS_BIN)/trivy --cache-dir $(TRIVY_CACHE) image $(OPERATOR_IMAGE)
+	$(TOOLS_BIN)/trivy --exit-code 1 --severity CRITICAL,HIGH --cache-dir $(TRIVY_CACHE) image $(OPERATOR_IMAGE)
 else
-	$(TOOLS_BIN)/trivy image $(OPERATOR_IMAGE)
+	$(TOOLS_BIN)/trivy --exit-code 1 --severity CRITICAL,HIGH image $(OPERATOR_IMAGE)
 endif
 endif