Migrate trivy scan to trivy-action #2992
Merged
strailov merged 2 commits into eclipse-hawkbit:master on Apr 3, 2026
Thanks @strailov for taking the time to contribute to hawkBit! We really appreciate this. Make yourself comfortable while I'm looking for a committer to help you with your contribution.
Signed-off-by: strailov <[email protected]>
avgustinmm approved these changes Apr 3, 2026
avgustinmm added a commit that referenced this pull request Apr 7, 2026
* Migrate trivy scan to trivy-action (#2992)
  * Migrate trivy scan to trivy-action
  * Revert to hard versions approach, but not only with major ref
  Signed-off-by: strailov <[email protected]>
  ---------
  Signed-off-by: strailov <[email protected]>
* Fix vulnerability build (#2997)
  Signed-off-by: strailov <[email protected]>
* Fix/vulnerability build (#2998)
  * Fix vulnerability build
  Signed-off-by: strailov <[email protected]>
  * add scans dir before scanning
  Signed-off-by: strailov <[email protected]>
  ---------
  Signed-off-by: strailov <[email protected]>
* Fix stop rollout when using PostgreSQL (#2996)
  Signed-off-by: strailov <[email protected]>
* Bump docker/login-action from 4.0.0 to 4.1.0 (#2994)
  Bumps [docker/login-action](https://github.com/docker/login-action) from 4.0.0 to 4.1.0.
  - [Release notes](https://github.com/docker/login-action/releases)
  - [Commits](docker/login-action@v4.0.0...v4.1.0)
  ---
  updated-dependencies:
  - dependency-name: docker/login-action
    dependency-version: 4.1.0
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...
  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---------
Signed-off-by: strailov <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Stanislav Trailov <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The PR introduces trivy-action instead of the current trivy installation & scan.
Also fix the trivy scan action when not uploading results - exit 0 was invoked only in the scope of the run:
This would also lead to uploading results. If using exit 1 - this would lead to job failure which we don't need.
So added checks PER upload of artifact in order to escape the above problems.
Also switched to hard version approach for each GitHub action reference (not only for major releases like v6)
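
The step-scoping behaviour described in the PR description, as an added illustration that is not taken from the hawkBit workflow: a `run:` step that calls `exit 0` ends only its own shell, so later upload steps still execute unless each one carries its own `if:`. The workflow name, the `upload_results` input, the step names and the file paths are assumptions, and `<pinned-version>` is a placeholder for an exact release tag or commit SHA.

```yaml
# Constructed workflow for illustration; names and paths are assumptions.
name: vulnerability-scan
on:
  workflow_dispatch:
    inputs:
      upload_results:            # hypothetical input
        description: "Upload scan results as artifacts"
        type: boolean
        default: false

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@<pinned-version>          # placeholder, pin exactly

      - name: Create scans dir before scanning
        run: mkdir -p scans

      - name: Trivy filesystem scan
        uses: aquasecurity/trivy-action@<pinned-version>  # placeholder, pin exactly
        with:
          scan-type: fs
          scan-ref: .
          format: json
          output: scans/trivy-fs.json

      # Ineffective gate: `exit 0` ends only this step's shell, with success,
      # so the upload step below would still run. `exit 1` would stop the
      # following steps, but it also marks the whole job as failed.
      - name: Gate (does not stop later steps)
        run: |
          if [ "${{ inputs.upload_results }}" != "true" ]; then
            exit 0
          fi

      # Effective gate: the condition sits on the upload step itself and is
      # repeated on every further upload step in the job.
      - name: Upload scan results
        if: ${{ inputs.upload_results }}
        uses: actions/upload-artifact@<pinned-version>    # placeholder, pin exactly
        with:
          name: trivy-fs
          path: scans/trivy-fs.json
```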