RDGRS-953: create artifact before docker build on trivy

OutSystems · Dec 4, 2024 · 47bf6f5 · 47bf6f5
1 parent 8296440
commit 47bf6f5
Showing 1 changed file with 2 additions and 6 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -33,17 +33,13 @@ jobs:
         uses: goreleaser/goreleaser-action@v6
         with:
           version: '~> v2'
-          args: --clean --snapshot --config .goreleaser.yaml
+          args: --clean --snapshot --config .goreleaser.yaml  --set version={{ github.event.after }}
           workdir: .
 
-      - name: Build an image from Dockerfile
-        run: |
-          docker build -t ghcr.io/outsystems/outsystemscc:${{ github.sha }} .
-
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
         with:
-          image-ref: 'ghcr.io/outsystems/outsystemscc:${{ github.sha }}'
+          image-ref: 'ghcr.io/outsystems/outsystemscc:{{ github.event.after }}-next'
           format: 'template'
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'