Fix GitHub Action Trivy Analysis warnings

Update trivy-action to 0.17.0 Close #27264 Signed-off-by: Yves Galante <yves.galante@jmob.net>
2026-05-02 05:00:58 -05:00 · 2024-02-24 11:44:10 +01:00
parent 3186b6db8e
commit 401d58a905
1 changed files with 2 additions and 3 deletions
@@ -22,15 +22,14 @@ jobs:
        uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55
        with:
          image-ref: quay.io/keycloak/${{ matrix.container}}:nightly
-          format: template
-          template: '@/contrib/sarif.tpl'
+          format: sarif
          output: trivy-results.sarif
          severity: MEDIUM,CRITICAL,HIGH
          ignore-unfixed: true
-          security-checks: vuln
          timeout: 15m

      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: trivy-results.sarif
+          category: ${{ matrix.container}}