Update automatic scan to HIGH level

IABTechLab · Mar 21, 2024 · 5118245 · 5118245
1 parent df68537
commit 5118245
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/build-and-test.yaml b/.github/workflows/build-and-test.yaml
@@ -3,5 +3,5 @@ on: [pull_request, push, workflow_dispatch]
 
 jobs:
   build:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-build-and-test.yaml@main
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-build-and-test.yaml@v2
     secrets: inherit
diff --git a/.github/workflows/check-stable-dependency.yaml b/.github/workflows/check-stable-dependency.yaml
@@ -3,5 +3,5 @@ on: [pull_request, workflow_dispatch]
 
 jobs:
   check_dependency:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-check-stable-dependency.yaml@main
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-check-stable-dependency.yaml@v2
     secrets: inherit
diff --git a/.github/workflows/release-docker-image.yaml b/.github/workflows/release-docker-image.yaml
@@ -36,9 +36,9 @@ on:
         type: string
         default: main
       vulnerability_severity:
-        description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between).
+        description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'HIGH' or 'MEDIUM'].
         type: string
-        default: 'CRITICAL,HIGH'
+        default: 'HIGH'
 
 jobs:
   Image:

diff --git a/.github/workflows/validate-image.yaml b/.github/workflows/validate-image.yaml
@@ -5,7 +5,7 @@ on:
       failure_severity:
         description: 'Must be one of CRITICAL, HIGH, MEDIUM'
         required: false
-        default: CRITICAL
+        default: HIGH
       fail_on_error:
         description: 'If true, will fail the build if vulnerabilities are found'
         required: true
@@ -16,22 +16,22 @@ on:
 
 jobs:
   build-publish-docker-default:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@main
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@v2
     with: 
       failure_severity: ${{ inputs.failure_severity || 'CRITICAL'}}
       fail_on_error: ${{ inputs.fail_on_error || true }}
       cloud_provider: 'default'
     secrets: inherit
   build-publish-docker-aws:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@main
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@v2
     with: 
       failure_severity: ${{ inputs.failure_severity || 'CRITICAL'}}
       fail_on_error: ${{ inputs.fail_on_error || true }}
       cloud_provider: 'aws'
     secrets: inherit
     needs: [build-publish-docker-default]
   build-publish-docker-gcp:
-    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@main
+    uses: IABTechLab/uid2-shared-actions/.github/workflows/shared-validate-image.yaml@v2
     with: 
       failure_severity: ${{ inputs.failure_severity || 'CRITICAL'}}
       fail_on_error: ${{ inputs.fail_on_error || true }}