fixup! feat: feat: add trivy vulnerability check

halestudio · Jun 10, 2024 · 8220cf0 · 8220cf0
1 parent dcda401
commit 8220cf0
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -120,9 +120,14 @@ jobs:
           sudo apt-get install -y trivy
           trivy --version
 
+      - name: Extract the archive file
+        run: |
+          mkdir -p extracted
+          tar -xzf build/target/hale-studio-*linux*.tar.gz -C extracted
+
       - name: Run Trivy scan
         run: |
-          trivy fs --severity CRITICAL,HIGH build/target/hale-studio-*linux*.tar.gz --format sarif --output trivy-results.sarif
+          trivy fs --severity CRITICAL,HIGH build/target/hale-studio-*linux* --format sarif --output trivy-results.sarif
 
 
       - name: Upload Trivy scan results to file