trivy-cve-github-issue-action

Scrape your manifests for container images, scan those images with Trivy for vulnerabilites and create GitHub issues from them.

Usage

# .github/workflows/trivy-cve-github-issue.yaml
on:
  schedule:
    - cron: "30 3 * * *"
jobs:
  scan:
    name: Scan
    runs-on: ubuntu-20.04
    steps:
      - uses: docker/login-action@v2
        with:
          registry: private.registry.com
          username: me
          password: secure
      - uses: actions/checkout@v3
      - uses: airfocusio/trivy-cve-github-issue-action@main
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}