Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
c6431cf821 |
@@ -145,7 +145,7 @@ Following inputs can be used as `step.with` keys:
|
||||
| `ignore-unfixed` | Boolean | false | Ignore unpatched/unfixed vulnerabilities |
|
||||
| `vuln-type` | String | `os,library` | Vulnerability types (os,library) |
|
||||
| `severity` | String | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | Severities of vulnerabilities to be displayed |
|
||||
|
||||
| `skip-dirs` | String | | Comma separated list of directories where traversal is skipped |
|
||||
[release]: https://github.com/aquasecurity/trivy-action/releases/latest
|
||||
[release-img]: https://img.shields.io/github/release/aquasecurity/trivy-action.svg?logo=github
|
||||
[marketplace]: https://github.com/marketplace/actions/aqua-security-trivy
|
||||
|
||||
@@ -41,6 +41,10 @@ inputs:
|
||||
description: 'writes results to a file with the specified file name'
|
||||
required: false
|
||||
default: ''
|
||||
skip-dirs:
|
||||
description: 'comma separated list of directories where traversal is skipped'
|
||||
required: false
|
||||
default: ''
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: "Dockerfile"
|
||||
@@ -55,3 +59,4 @@ runs:
|
||||
- '-h ${{ inputs.output }}'
|
||||
- '-i ${{ inputs.image-ref }}'
|
||||
- '-j ${{ inputs.scan-ref }}'
|
||||
- '-k ${{ inputs.skip-dirs }}'
|
||||
|
||||
+7
-1
@@ -1,6 +1,6 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
while getopts "a:b:c:d:e:f:g:h:i:j:" o; do
|
||||
while getopts "a:b:c:d:e:f:g:h:i:j:k:" o; do
|
||||
case "${o}" in
|
||||
a)
|
||||
export scanType=${OPTARG}
|
||||
@@ -32,6 +32,9 @@ while getopts "a:b:c:d:e:f:g:h:i:j:" o; do
|
||||
j)
|
||||
export scanRef=${OPTARG}
|
||||
;;
|
||||
k)
|
||||
export skipDirs=${OPTARG}
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
@@ -64,6 +67,9 @@ fi
|
||||
if [ $output ];then
|
||||
ARGS="$ARGS --output $output"
|
||||
fi
|
||||
if [ $skipDirs ];then
|
||||
ARGS="$ARGS --skip-dirs $skipDirs"
|
||||
fi
|
||||
|
||||
echo "Running trivy with options: " --no-progress "${ARGS}" "${artifactRef}"
|
||||
trivy ${scanType} --no-progress $ARGS ${artifactRef}
|
||||
|
||||
Reference in New Issue
Block a user