ci: remove license scanning in trivy vulnerabiltiy job (#182)

DoodleScheduling · Aug 22, 2024 · 7cdd11a · 7cdd11a
1 parent 8eb1b6b
commit 7cdd11a
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/.github/ISSUE_TEMPLATE/VULN-TEMPLATE.md b/.github/ISSUE_TEMPLATE/VULN-TEMPLATE.md
@@ -0,0 +1,7 @@
+---
+title: Vulnerabilities detected
+labels: security
+---
+High or critical vulnerabilities detected. Scan results are below:
+
+{{ env.RESULTS }}
diff --git a/.github/workflows/report-on-vulnerabilities.yaml b/.github/workflows/report-on-vulnerabilities.yaml
@@ -23,7 +23,7 @@ jobs:
       with: 
         image-ref: ghcr.io/doodlescheduling/flux-build:latest
         format: json
-        scanners: license,vuln,secret
+        scanners: vuln,secret
         ignore-unfixed: false
         severity: HIGH,CRITICAL
         output: scan.json