fixup! ci(sdk): add trivy scan vuln final step

endersonmaia · endersonmaia · commit bdada99f9323 · 2026-02-27T13:50:03.000-03:00
diff --git a/.github/workflows/sdk.yaml b/.github/workflows/sdk.yaml
@@ -23,7 +23,7 @@ jobs:
         runs-on: ubuntu-latest
         strategy:
             matrix:
-                target:
+                target: &target-matrix
                     - rollups-database
                     - rollups-runtime
                     - sdk
@@ -132,10 +132,16 @@ jobs:
 
     trivy:
         runs-on: ubuntu-latest
-        needs: build
+        needs:
+            - build
+            - meta
+        strategy:
+            fail-fast: false
+            matrix: *target-matrix
         permissions:
             contents: read
             packages: read
+        name: trivy-${{ matrix.target }}
         steps:
             - name: Download all docker-metadata artifacts
               uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
@@ -156,7 +162,7 @@ jobs:
 
                   mapfile -t IMAGES < <(
                     jq -r '.. | .tags? // empty | .[]?' \
-                      packages/sdk/docker-metadata-*/docker-metadata-action-bake.json \
+                      packages/sdk/docker-metadata-${{ matrix.target }}/docker-metadata-action-bake.json \
                       | awk 'NF > 0' \
                       | sort -u
                   )
