From ef5b5148096cbb241e21f940690f05893839cf5a Mon Sep 17 00:00:00 2001 From: Nicolas-Delahaye Date: Mon, 23 Mar 2026 09:03:01 +0100 Subject: [PATCH 1/4] Update container-ci.yml --- .github/workflows/container-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/container-ci.yml b/.github/workflows/container-ci.yml index 7f890cf..d63b7b9 100644 --- a/.github/workflows/container-ci.yml +++ b/.github/workflows/container-ci.yml @@ -283,7 +283,7 @@ jobs: cat "$IGNORE_FILE" - name: Generate SBOM (SPDX JSON) - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@0.35.0 with: scan-type: 'image' image-ref: "${{ inputs.image-name }}:sha-${{ steps.short-sha.outputs.sha }}" From ed4f2e5de0302f1ca79cf6a971ad07af6f59687a Mon Sep 17 00:00:00 2001 From: Nicolas-Delahaye Date: Mon, 23 Mar 2026 09:25:21 +0100 Subject: [PATCH 2/4] Update chart-ci.yml --- .github/workflows/chart-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-ci.yml b/.github/workflows/chart-ci.yml index 9da2003..68cd5c6 100644 --- a/.github/workflows/chart-ci.yml +++ b/.github/workflows/chart-ci.yml @@ -185,7 +185,7 @@ jobs: path: ${{ inputs.chart-dir }} - name: Build Trivy Vulnerability report - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.35.0 env: TRIVY_HELM_KUBE_VERSION: ${{ inputs.kubernetes-version }} TRIVY_HELM_SET_FILE: ${{ inputs.chart-values }} From cc7ba077d39c453dc9142429c72b534db7af865d Mon Sep 17 00:00:00 2001 From: Nicolas-Delahaye Date: Mon, 23 Mar 2026 09:27:30 +0100 Subject: [PATCH 3/4] Update container-ci.yml --- .github/workflows/container-ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/container-ci.yml b/.github/workflows/container-ci.yml index d63b7b9..373ce83 100644 --- a/.github/workflows/container-ci.yml +++ b/.github/workflows/container-ci.yml @@ -283,7 +283,7 @@ jobs: cat "$IGNORE_FILE" - name: Generate SBOM (SPDX JSON) - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.35.0 with: scan-type: 'image' image-ref: "${{ inputs.image-name }}:sha-${{ steps.short-sha.outputs.sha }}" @@ -297,7 +297,7 @@ jobs: filePath: 'image-sbom.spdx.json' - name: Build Trivy Vulnerability report - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 with: image-ref: "${{ inputs.image-name }}:sha-${{ steps.short-sha.outputs.sha }}" skip-setup-trivy: true @@ -317,7 +317,7 @@ jobs: category: vulnerability - name: Build Trivy License report - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 with: image-ref: "${{ inputs.image-name }}:sha-${{ steps.short-sha.outputs.sha }}" skip-setup-trivy: true @@ -337,7 +337,7 @@ jobs: category: license - name: Run Trivy Vulnerability scan - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 # Overriding env vars from previous steps for them not to interfere with the scan env: TRIVY_FORMAT: 'table' @@ -354,7 +354,7 @@ jobs: trivyignores: 'ci-trivy-ignore.txt' - name: Run Trivy License scan - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 # Overriding env vars from previous steps for them not to interfere with the scan env: TRIVY_FORMAT: 'table' From 9666a6cfe57d4965ad8947562bf48cbb7c20598e Mon Sep 17 00:00:00 2001 From: Nicolas-Delahaye Date: Mon, 23 Mar 2026 09:28:03 +0100 Subject: [PATCH 4/4] Update chart-ci.yml --- .github/workflows/chart-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-ci.yml b/.github/workflows/chart-ci.yml index 68cd5c6..7c86129 100644 --- a/.github/workflows/chart-ci.yml +++ b/.github/workflows/chart-ci.yml @@ -203,7 +203,7 @@ jobs: sarif_file: 'trivy-vuln-results.sarif' - name: Run Trivy Vulnerability scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.35.0 env: TRIVY_HELM_KUBE_VERSION: ${{ inputs.kubernetes-version }} TRIVY_HELM_SET_FILE: ${{ inputs.chart-values }}