
Commit 9dc42c7

committed
add trivy config
1 parent 2484ef0 commit 9dc42c7


1 file changed

+11
-1
lines changed

1 file changed

+11
-1
lines changed

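--- a/.github/workflows/quality-checks.yml
+++ b/.github/workflows/quality-checks.yml
@@ -168,7 +168,10 @@ jobs:
 echo "****************"
 echo "uses_go=false" >> "$GITHUB_OUTPUT"
 fi
-
+cat <<EOF > trivy.yaml
+pkg:
+include-dev-deps: true
+EOF
 - name: Check python licenses
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
 if: ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
@@ -181,6 +184,7 @@ jobs:
 output: "license_scan_python.json"
 exit-code: "1"
 list-all-pkgs: "true"
+trivy-config: trivy.yaml
 - name: Check node licenses
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
 if: ${{ steps.check_languages.outputs.uses_node == 'true' }}
@@ -193,6 +197,7 @@ jobs:
 output: "license_scan_node.json"
 exit-code: "1"
 list-all-pkgs: "true"
+trivy-config: trivy.yaml
 - name: Check go licenses
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
 if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
@@ -205,6 +210,7 @@ jobs:
 output: "license_scan_go.json"
 exit-code: "1"
 list-all-pkgs: "true"
+trivy-config: trivy.yaml
 - name: Check java licenses
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
 if: ${{ steps.check_languages.outputs.uses_java == 'true' }}
@@ -217,6 +223,7 @@ jobs:
 output: "license_scan_java.json"
 exit-code: "1"
 list-all-pkgs: "true"
+trivy-config: trivy.yaml
 - name: Show license scan output
 if: always()
 run: |
@@ -262,6 +269,7 @@ jobs:
 format: "table"
 output: "dependency_results_python.txt"
 exit-code: "1"
+trivy-config: trivy.yaml
 - name: Generate and check node SBOMs
 if: ${{ steps.check_languages.outputs.uses_node == 'true' }}
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
@@ -273,6 +281,7 @@ jobs:
 format: "table"
 output: "dependency_results_node.txt"
 exit-code: "1"
+trivy-config: trivy.yaml
 - name: Generate and check java SBOMs
 if: ${{ steps.check_languages.outputs.uses_java == 'true' }}
 uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
@@ -295,6 +304,7 @@ jobs:
 format: "table"
 output: "dependency_results_go.txt"
 exit-code: "1"
+trivy-config: trivy.yaml
 - name: Show scan output
 if: always()
 run: |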
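Review bot: The "Generate and check java SBOMs" step is the only Trivy step that does not receive `trivy-config: trivy.yaml`; the four license steps and the python, node and go SBOM steps all do, so the Java SBOM check would run without the new config. Its `with:` block lies outside the hunks, so confirm whether the omission is intentional. Separately, it is worth verifying against the pinned action SHA that setting `trivy-config` does not cause the other inputs to be dropped: older trivy-action releases, as far as I recall, ran Trivy from the config file alone, which would silently disable `exit-code: "1"` (and `output`/`list-all-pkgs`) and turn these gates into no-ops. The heredoc also writes `trivy.yaml` into the workspace root, overwriting any config a repository has checked in; a path under `$RUNNER_TEMP` would avoid that.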
