From 8b3feac040104c51cdbf9a518c976ea6b34a8381 Mon Sep 17 00:00:00 2001
From: Syndamia <kamen@syndamia.com>
Date: Tue, 13 Aug 2024 15:33:07 +0300
Subject: fix(cd*): Added explicit sha for upload trivy results

---
 .github/workflows/cd-dev.yml | 1 +
 .github/workflows/cd.yml     | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

(limited to '.github/workflows')

diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml
index 0ed1bb8..8bf5471 100644
--- a/.github/workflows/cd-dev.yml
+++ b/.github/workflows/cd-dev.yml
@@ -47,3 +47,4 @@ jobs:
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'trivy-results.sarif'
+          sha: ${{ github.sha }}
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 2ed8a43..e95f2e6 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -23,7 +23,7 @@ jobs:
           tags: ${{ secrets.DOCKERHUB_USERNAME }}/pico-web-server:latest
 
   Test-Trivy:
-    name: Scan development docker container with trivy
+    name: Scan production docker container with trivy
     runs-on: ubuntu-latest
     needs: Build-docker-and-push
     steps:
@@ -40,6 +40,7 @@ jobs:
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'trivy-results.sarif'
+          sha: ${{ github.sha }}
 
   Release:
     name: Make github release
-- 
cgit v1.2.3