This is an automated email from the ASF dual-hosted git repository.
payang pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/trunk by this push:
new eb6ce0e3d9c MINOR: Change trivy action (#22024)
eb6ce0e3d9c is described below
commit eb6ce0e3d9c22ea1c34ecca293555f9fcad17981
Author: PoAn Yang <[email protected]>
AuthorDate: Sun Apr 12 23:42:08 2026 +0900
MINOR: Change trivy action (#22024)
Change the Trivy scan step to use an action that matches the approved patterns in apache/infrastructure-actions.
https://github.com/apache/infrastructure-actions/blob/75f430702f46fc5b4a71efc23a1ce8d72e11ba61/approved_patterns.yml#L211
Reviewers: Ryan Huang <[email protected]>, Ken Huang <[email protected]>,
Chia-Ping Tsai <[email protected]>
---------
Signed-off-by: PoAn Yang <[email protected]>
---
.github/workflows/docker_build_and_test.yml | 2 +-
.github/workflows/docker_official_image_build_and_test.yml | 2 +-
.github/workflows/docker_scan.yml | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/docker_build_and_test.yml
b/.github/workflows/docker_build_and_test.yml
index 8358f10433a..d0ae6243105 100644
--- a/.github/workflows/docker_build_and_test.yml
+++ b/.github/workflows/docker_build_and_test.yml
@@ -54,7 +54,7 @@ jobs:
run: |
python docker_build_test.py kafka/test -tag=test -type=$IMAGE_TYPE
-u=$KAFKA_URL
- name: Run CVE scan
- uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
# v0.33.1
+ uses:
lhotari/sandboxed-trivy-action@555963036b2012b44c1071508a236e569db28ebb # v1.0.1
with:
image-ref: 'kafka/test:test'
format: 'table'
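Review bot: The `with:` block under the replaced `uses:` line is passed unchanged to `lhotari/sandboxed-trivy-action`, and only `image-ref` and `format` are visible here, so it is worth confirming that every input this step sets is declared by the new action at the pinned commit. GitHub Actions reports an undeclared input only as a warning, so a severity filter or exit-code gate, if the step sets one further down, could stop applying while the job stays green. The same swap is made in docker_official_image_build_and_test.yml and docker_scan.yml, and in all three the step continues outside the hunk. I would also record next to the pin why this action is used, e.g. `# ASF-approved sandboxed Trivy action (infrastructure-actions approved_patterns.yml); bump the SHA and the version comment together`.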
diff --git a/.github/workflows/docker_official_image_build_and_test.yml
b/.github/workflows/docker_official_image_build_and_test.yml
index 1c67ef58472..a11f6b03917 100644
--- a/.github/workflows/docker_official_image_build_and_test.yml
+++ b/.github/workflows/docker_official_image_build_and_test.yml
@@ -53,7 +53,7 @@ jobs:
run: |
python docker_official_image_build_test.py kafka/test -tag=test
-type=$IMAGE_TYPE -v=$KAFKA_VERSION
- name: Run CVE scan
- uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
# v0.33.1
+ uses:
lhotari/sandboxed-trivy-action@555963036b2012b44c1071508a236e569db28ebb # v1.0.1
with:
image-ref: 'kafka/test:test'
format: 'table'
diff --git a/.github/workflows/docker_scan.yml
b/.github/workflows/docker_scan.yml
index 0a5b4ef24a2..fc0f50c75c9 100644
--- a/.github/workflows/docker_scan.yml
+++ b/.github/workflows/docker_scan.yml
@@ -29,7 +29,7 @@ jobs:
supported_image_tag: ['latest', '3.9.2', '4.0.2', '4.1.2', '4.2.0']
steps:
- name: Run CVE scan
- uses:
aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
+ uses:
lhotari/sandboxed-trivy-action@555963036b2012b44c1071508a236e569db28ebb # v1.0.1
if: always()
with:
image-ref: apache/kafka:${{ matrix.supported_image_tag }}