Merge pull request #165 from OmegaSquad82/OmegaSquad82-patch-1

fix: align with build and sort things
OmegaSquad82 · Feb 1, 2025 · e5ded86 · e5ded86
2 parents 8e84e10 + 4f93a00
commit e5ded86
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
@@ -2,18 +2,18 @@ name: vulnerability-scan
 on:
   schedule:
     - cron:
-        "55 0,6,12,18 * * *" # build at {0,6,12,18}:55 UTC every day
+        "50 0,6,12,18 * * *" # build at {0,6,12,18}:55 UTC every day
         # (50 minutes after custom image build was triggered, then every 6h)
   push:
     paths-ignore:
+      - '.github/**'
       - "**.md"
-      - "build-isos"
-      - "**/build.yml"
       - "**/.gitkeep"
+      - "build-isos"
       - "renovate.json"
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
   cancel-in-progress: true
+  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
 env:
   REPO_OWNER: ${{ github.repository_owner }}
 jobs:
@@ -45,13 +45,13 @@ jobs:
       - name: Generate SARIF for Custom Image with Trivy
         uses: aquasecurity/[email protected]
         with:
-          output: trivy-results.sarif
+          format: sarif
           github-pat: ${{ secrets.GITHUB_TOKEN }}
           image-ref: "${{ env.IMAGE_REF }}"
-          severity: MEDIUM,HIGH,CRITICAL
+          output: trivy-results.sarif
           scan-type: image
           scanners: vuln
-          format: sarif
+          severity: MEDIUM,HIGH,CRITICAL
         env:
           TRIVY_USERNAME: ${{ github.actor }}
           TRIVY_PASSWORD: ${{ github.token }}