Update trivy.yml

kimookoii · web-flow · commit 129bec0526a3 · 2025-11-30T07:54:00.000+07:00
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -9,20 +9,15 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update -y
-          sudo apt-get install -y wget apt-transport-https ca-certificates
-
-      - name: Install Trivy
-        run: |
-          wget https://github.com/aquasecurity/trivy/releases/latest/download/trivy_Linux-64bit.deb
-          sudo dpkg -i trivy_Linux-64bit.deb
+        uses: actions/checkout@v4
 
       - name: Build Docker image
         run: docker build -t devsecops-scan .
 
-      - name: Run Trivy image scan (fail on HIGH/CRITICAL)
-        run: trivy image --exit-code 1 --severity HIGH,CRITICAL devsecops-scan
+      - name: Run Trivy (action)
+        uses: aquasecurity/trivy-action@v0.9.0
+        with:
+          image-ref: devsecops-scan
+          format: table
+          severity: HIGH,CRITICAL
+          exit-code: 1
