Description
Part of my workflow:
- name: install trivy
uses: aquasecurity/setup-trivy@v0.2.1
with:
version: v0.56.2
- name: run trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@0.29.0
id: trivy-check
with:
scan-type: fs
scan-ref: .
format: sarif
exit-code: 0
output: trivy-results.sarif
skip-setup-trivy: true
trivyignores: .trivyignore.yaml
env:
TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
.trivyignore.yaml file(it is located in the / of the repository)
secrets:
- id: slack-web-hook
paths:
- "zaa"
- id: github-fine-grained-pat
paths:
- "zaa"
The check sees a file containing exceptions
but zaa file keeps showing up in report
I don't have such problems when running locally, the ignore file works correctly, the problems start when I try to use the action