Update to use trivy action. (#97)

oracle · Nov 21, 2024 · b5ad2fc · b5ad2fc
1 parent 2776a33
commit b5ad2fc
Showing 1 changed file with 7 additions and 8 deletions.
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -16,14 +16,13 @@ on:
 jobs:
   trivy-scan:
     runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/aquasecurity/trivy:latest
-      volumes:
-        - /var/run/docker.sock:/var/run/docker.sock
-        - /home/runner/work/coherence-js-client/coherence-js-client:/repo
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout code
+        uses: actions/checkout@v4
 
-      - name: Trivy Scan
-        run: trivy fs --exit-code 1 /repo
+      - name: Run Trivy vulnerability scanner to scan repo
+        uses: aquasecurity/[email protected]
+        with:
+          scan-type: 'fs'
+          exit-code: 1