Skip to content

Commit

Permalink
Browse scan reports without GitHub Advanced Security license (#328)
Browse files Browse the repository at this point in the history
  • Loading branch information
uridium authored Apr 5, 2024
1 parent 0f287db commit 840deb4
Showing 1 changed file with 29 additions and 0 deletions.
29 changes: 29 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -522,6 +522,35 @@ jobs:
sarif_file: 'trivy-results.sarif'
```

### Using Trivy if you don't have code scanning enabled

It's also possible to browse a scan result in a workflow summary.

This step is especially useful for private repositories without [GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security) license.

```yaml
- name: Run Trivy scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: config
hide-progress: true
output: trivy.txt
- name: Publish Trivy Output to Summary
run: |
if [[ -s trivy.txt ]]; then
{
echo "### Security Output"
echo "<details><summary>Click to expand</summary>"
echo ""
echo '```terraform'
cat trivy.txt
echo '```'
echo "</details>"
} >> $GITHUB_STEP_SUMMARY
fi
```

## Customizing

Configuration priority:
Expand Down

0 comments on commit 840deb4

Please sign in to comment.