v1.0.6
What’s New:
This release introduces optional Trivy Security Scanning, which can be run during the release process contained in this action via a Bash script. When enabled, Trivy scans for security vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. To enable the scanner, set the vulnerability-scan input default to true.
If there are no vulnerabilities found, or UNKNOWN, LOW, or MEDIUM vulnerabilities, the action will complete with exit 0. If there is a HIGH or CRITICAL vulnerability found, the release deployment will fail with exit 1. The results of the scan will then be displayed in a sarif.tpl named trivy-results.sarif.
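
The gate described above, reproduced with the Trivy CLI as an added example (not this action's own Bash script). It assumes trivy is on PATH and a Trivy release with the built-in sarif output format; the names scan_and_gate, REPORT, FAIL_ON and FINDINGS_CODE, and the exit status 2 for scanner errors, are this example's own choices.

```shell
#!/usr/bin/env bash
# Added example: report every severity, block the release only on HIGH/CRITICAL.
# Not the action's own script. Assumes the `trivy` CLI is installed.

REPORT="trivy-results.sarif"   # report name taken from the release notes
FAIL_ON="HIGH,CRITICAL"        # severities that must fail the release
FINDINGS_CODE=10               # assumption: a private code, so "findings"
                               # cannot be confused with other non-zero exits

# scan_and_gate <scan-type> <target>
#   scan-type: image | fs | repo | config
#   returns 0 = release may proceed, 1 = blocking finding, 2 = scan did not run
scan_and_gate() {
    scan_type="$1"
    target="$2"

    # Pass 1: full SARIF report with all severities. --exit-code 0 keeps this
    # pass from failing on findings, so UNKNOWN/LOW/MEDIUM are recorded only.
    trivy "$scan_type" --format sarif --output "$REPORT" \
        --exit-code 0 "$target" || return 2

    # Pass 2: same target, filtered to the blocking severities. Filtering the
    # first pass instead would drop lower severities from the report.
    rc=0
    trivy "$scan_type" --quiet --severity "$FAIL_ON" \
        --exit-code "$FINDINGS_CODE" "$target" >/dev/null || rc=$?

    case "$rc" in
        0)
            return 0 ;;
        "$FINDINGS_CODE")
            echo "HIGH or CRITICAL finding, see $REPORT" >&2
            return 1 ;;
        *)
            # Fail closed: a scanner error must not look like a clean scan.
            echo "trivy exited with status $rc" >&2
            return 2 ;;
    esac
}

# Usage (constructed target name):
#   scan_and_gate image registry.example/app:1.0.6
```

Running the filtered pass second means the report on disk still lists lower-severity findings even when the release is allowed through.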