From c2281fce849c3809f758e36db7e9abd8a329deb1 Mon Sep 17 00:00:00 2001
From: Neil Hanlon
Date: Tue, 15 Mar 2022 08:48:59 -0400
Subject: [PATCH] Upload scan results to github security tab
---
 .github/workflows/scan.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index 1b6c4c3..67e64c9 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -1,4 +1,4 @@
-name: scan
+name: Scan images using trivy
 on:
 workflow_dispatch:
 schedule:
@@ -6,6 +6,9 @@ on:
 jobs:
 scan:
+ permissions:
+ contents: read
+ security-events: write # allow github/codeql-action/upload-sarif
 name: Scan for Security Vulnerabilities
 runs-on: ubuntu-18.04
 steps:
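Review bot: The `permissions` block added under `scan:` may be one scope short, because a job-level block sets every scope it does not list to none and the steps that rely on it are outside this hunk. If this repository is private, `github/codeql-action/upload-sarif` also has to read the workflow run status, so I would add `actions: read # private repos only: upload-sarif reads the run status`. If any step pulls images from the GitHub container registry with the workflow token, it would likewise need `packages: read`; that is worth confirming against the step list. A short comment on `contents: read` naming the step that needs it (presumably the checkout) would match the comment already on `security-events: write`.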