From 6a7b026efe5540b5b4c3fa94d149f7bd8ab49d31 Mon Sep 17 00:00:00 2001
From: edgar4all <43730355+edgar4all@users.noreply.github.com>
Date: Sun, 7 Jan 2024 17:09:51 -0300
Subject: [PATCH] probando trivy

---
 .github/workflows/docker-image.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index 743249f..cc6c8fb 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -18,6 +18,12 @@ jobs:
       uses: hadolint/hadolint-action@v3.1.0
       with:
         dockerfile: Dockerfile    
+    - 
+      name: Scan Docker image with Trivy
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ secrets.DOCKERUSER }}/react-todo-list:${{ github.run_number }}
+        #exit-code-on-severity: "HIGH"        
     -
       name: Login to Docker Hub edgar4all
       uses: docker/login-action@v3