Skip to content

Security Scan (Distroless) #173

Security Scan (Distroless)

Security Scan (Distroless) #173

name: Security Scan (Distroless)
on:
schedule:
- cron: "0 8 * * *"
jobs:
scan-relay:
strategy:
matrix:
tag: ['latest-static-debian12-nonroot', 'v8-static-debian12-debug-nonroot']
fail-fast: false
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: aquasecurity/trivy-action@master
env:
# Avoid rate-limiting on ghcr.io (https://github.com/aquasecurity/trivy-action/issues/389)
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
with:
image-ref: launchdarkly/ld-relay:${{ matrix.tag }}
format: 'table'
exit-code: '1'
ignore-unfixed: true