imagescan_action

.gitea/workflows/trivy_scan_image.yml

@@ -27,6 +27,20 @@ jobs:
           ignore-unfixed: true
           severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
           scanners: "vuln,misconfig,secrets"
+          output: trivy.txt
         env:
           TRIVY_USERNAME: "${{ env.user }}"
           TRIVY_PASSWORD: "${{ secrets.DOCKER_PULL_TOKEN }}"
+      - name: Publish Trivy Output to Summary
+        run: |
+          if [[ -s trivy.txt ]]; then
+            {
+              echo "### Security Output"
+              echo "<details><summary>Click to expand</summary>"
+              echo ""
+              echo '```terraform'
+              cat trivy.txt
+              echo '```'
+              echo "</details>"
+            } >> $GITHUB_STEP_SUMMARY
+          fi