From b89f06e5c5786461ce225e13d07b33b0d3f1cd4d Mon Sep 17 00:00:00 2001 From: Bertrand Goareguer <bertrand.goareguer@gmail.com> Date: Fri, 6 Oct 2023 15:33:22 +0000 Subject: [PATCH] fix(trivy): fail when scanning an image that has reached EOL --- templates/gitlab-ci-docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml index b122d70..3180516 100644 --- a/templates/gitlab-ci-docker.yml +++ b/templates/gitlab-ci-docker.yml @@ -83,7 +83,7 @@ variables: DOCKER_TRIVY_SECURITY_LEVEL_THRESHOLD: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL" DOCKER_TRIVY_IMAGE: "registry.hub.docker.com/aquasec/trivy:latest" - DOCKER_TRIVY_ARGS: "--ignore-unfixed --vuln-type os" + DOCKER_TRIVY_ARGS: "--ignore-unfixed --vuln-type os --exit-on-eol 1" # SBOM genenration image and arguments DOCKER_SBOM_IMAGE: "registry.hub.docker.com/anchore/syft:debug" -- GitLab