Create wetwergf.txt #194

Summary
Jobs
- trivy
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Aqua
	on: pull_request
	jobs:
	aqua:
	name: trivy
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	# container-test-job:
	# runs-on: ubuntu-latest
	# container:
	# image: 151013160191/trivy-user-test:tagname
	# env:
	# AQUA_KEY: ${{ secrets.AQUA_KEY_CNAPP_DEV }}
	# AQUA_SECRET: ${{ secrets.AQUA_SECRET_CNAPP_DEV }}
	# GITHUB_TOKEN: ${{ github.token }}
	# AQUA_URL: https://api.dev.supply-chain.cloud.aquasec.com
	# CSPM_URL: https://stage.api.cloudsploit.com
	# TRIVY_RUN_AS_PLUGIN: 'aqua'
	# volumes:
	# - /home/runner/work/_temp/_github_home:/gituser/home
	# - /var/run/docker.sock:/var/run/docker.sock
	# - /home/runner/work/_temp/_github_home:/github/home
	# - /home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/chat-app/chat-app":"/github/workspace"

	# steps:
	# - name: Check for dockerenv file
	# run: \|
	# trivy fs --scanners config,vuln,secret .

	- name: Run Aqua scanner- trivytestdocker
	uses: docker://151013160191/trivy-user-test:tagname

	with:
	args: trivy fs --scanners config,vuln,secret .

	# To customize which severities to scan for, add the following flag: --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
	# # To enable SAST scanning, add: --sast
	# # To enable reachability scanning, add: --reachability
	# # To enable npm/dotnet non-lock file scanning, add: --package-json / --dotnet-proj
	# volumes:
	# - my_docker_volume:/volume_mount
	env:
	AQUA_KEY: ${{ secrets.AQUA_KEY_CNAPP_DEV }}
	AQUA_SECRET: ${{ secrets.AQUA_SECRET_CNAPP_DEV }}
	GITHUB_TOKEN: ${{ github.token }}
	AQUA_URL: https://api.dev.supply-chain.cloud.aquasec.com
	CSPM_URL: https://stage.api.cloudsploit.com
	TRIVY_RUN_AS_PLUGIN: 'aqua'
	# For http/https proxy configuration add env vars: HTTP_PROXY/HTTPS_PROXY, CA-CRET (path to CA certificate)

	# - name: Run Trivy vulnerability scanner in IaC mode
	# # uses: aquasecurity/trivy-action@master
	# # with:
	# # scan-type: 'fs'
	# # security-checks: 'vuln,config,secret'
	# # hide-progress: false
	# # format: 'table'
	# # # Customizing which severities are scanned for is done by adding the following flag: severity: 'UNKNOWN','LOW','MEDIUM','HIGH','CRITICAL'


	# run: \|
	# trivyVersion=0.32.0
	# curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \| sh -s -- -b . v${trivyVersion}
	# ./trivy plugin install github.com/tzurielweisberg/plugin-version
	# ./trivy fs --debug --scanners secret --package-json .

	# env:
	# # AQUA_KEY: b3L9KDF8q9u0C9PG46Ogub
	# # AQUA_SECRET: IvApjjTavkLcaJeAXpLfzmymtF9tDIB1xim
	# AQUA_KEY: ${{secrets.AQUA_KEY}}
	# AQUA_SECRET: ${{secrets.AQUA_SECRET}}
	# GITHUB_TOKEN: ${{secrets.GH_TOKEN}} #${{ github.token }}
	# AQUA_URL: https://api.dev.supply-chain.cloud.aquasec.com
	# CSPM_URL: https://stage.api.cloudsploit.com
	# TRIVY_RUN_AS_PLUGIN: 'aqua'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Create wetwergf.txt #194

Workflow file

Create wetwergf.txt #194

Jobs

Run details

Workflow file for this run