name: Vulnerability Scan on: schedule: - cron: '0 14 * * *' jobs: scan: name: Daily Vulnerability Scan runs-on: ubuntu-latest steps: - name: Pull docker image run: docker pull docker.asperti.com/paspo/glpi:latest - name: Run Trivy vulnerability scanner id: scan uses: aquasecurity/trivy-action@master with: image-ref: 'docker.asperti.com/paspo/glpi:latest' format: 'sarif' output: 'trivy-results.sarif' - name: check output env: AAA: ${{ steps.scan.outputs }} run: echo ""