Dev (#27)v0.2.3

* fix(README): Updated all TODO anchors (#25)

* feat(ci/cd): Move Trivy testing into ci, from cd

* fix(ci): Typo in needs value

* fix(ci): docker build bad arguments

* fix(ci): Download dev build artifacts in trivy dev test

* fix(ci): Fixed trivy dev test build artifacts path

1 files changed, 0 insertions, 23 deletions

diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml
index 2e23351..3935d34 100644
--- a/.github/workflows/cd-dev.yml
+++ b/.github/workflows/cd-dev.yml
@@ -28,26 +28,3 @@ jobs:
           context: .
           file: ./docker/dev/Dockerfile
           tags: ${{ secrets.DOCKERHUB_USERNAME }}/pico-web-dev:latest
-
-  Test-Trivy:
-    name: Scan development docker container with trivy
-    runs-on: ubuntu-latest
-    needs: Create-and-release-dev-container
-    permissions:
-      security-events: write
-    steps:
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: ${{ secrets.DOCKERHUB_USERNAME }}/pico-web-dev:latest
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          exit-code: 0
-          ignore-unfixed: true
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: 'trivy-results.sarif'
-          sha: ${{ github.sha }}
-          ref: ${{ github.ref }}