From a6cc8b1b98ab0783e0b1b95d8d6c81fa2be07e6a Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Fri, 20 Mar 2026 22:06:55 +0100 Subject: [PATCH 1/2] Use trivy-action hash for v0.35.0 --- .github/workflows/reusable-container-scan.yml | 2 +- .github/workflows/reusable-terraform-quality.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/reusable-container-scan.yml b/.github/workflows/reusable-container-scan.yml index 97ce169..4ad6c29 100644 --- a/.github/workflows/reusable-container-scan.yml +++ b/.github/workflows/reusable-container-scan.yml @@ -80,7 +80,7 @@ jobs: # nv-scanner-image: neuvector/scanner:5 - name: Scan container image with Trivy if: ${{ inputs.trivy-enabled }} - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: ${{ env.IMAGE_REF }} format: 'table' diff --git a/.github/workflows/reusable-terraform-quality.yml b/.github/workflows/reusable-terraform-quality.yml index 89918f6..64587b2 100644 --- a/.github/workflows/reusable-terraform-quality.yml +++ b/.github/workflows/reusable-terraform-quality.yml @@ -83,7 +83,7 @@ jobs: - name: Run TFLint run: tflint --recursive --format compact - name: Run Trivy IaC scan - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # # v0.35.0 with: scan-type: "config" format: "sarif" From 81f7cd4067a1bc3dad38282b9b1e504c749d96e1 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Fri, 20 Mar 2026 22:36:51 +0100 Subject: [PATCH 2/2] Fix typo --- .github/workflows/reusable-terraform-quality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-terraform-quality.yml b/.github/workflows/reusable-terraform-quality.yml index 64587b2..23a257e 100644 --- a/.github/workflows/reusable-terraform-quality.yml +++ b/.github/workflows/reusable-terraform-quality.yml @@ -83,7 +83,7 @@ jobs: - name: Run TFLint run: tflint --recursive --format compact - name: Run Trivy IaC scan - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # # v0.35.0 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: scan-type: "config" format: "sarif"