Upload scan results to github security tab

2024-12-18 15:18:35 +00:00 · 2022-03-15 08:48:59 -04:00 · 2022-03-15 08:48:59 -04:00 · c2281fce84
commit c2281fce84
parent 81905fbe8a
1 changed files with 4 additions and 1 deletions
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@ -1,4 +1,4 @@
-name: scan
+name: Scan images using trivy
 on:
  workflow_dispatch:
  schedule:
@ -6,6 +6,9 @@ on:

 jobs:
  scan:
+    permissions:
+      contents: read
+      security-events: write # allow github/codeql-action/upload-sarif
    name: Scan for Security Vulnerabilities
    runs-on: ubuntu-18.04
    steps: