ci: ignore false-positive 3rd party lockfiles for trivy

2020-10-08 12:25:38 +02:00 · 2020-10-08 12:25:38 +02:00 · d62bf71820
parent 156557c6d7
commit d62bf71820
1 changed files with 1 additions and 1 deletions
--- a/.github/workflows/vulnscan.yml
+++ b/.github/workflows/vulnscan.yml
@ -24,7 +24,7 @@ jobs:
        trivy image --download-db-only
    - name: Scan vulnerabilities using Trivy
      env:
-        TRIVY_SKIP_DIRS: '/usr/lib/ruby/gems/2.7.0/gems/jaeger-client-0.10.0/crossdock,/usr/lib/ruby/gems/2.7.0/gems/jaeger-client-1.0.0/crossdock'
+        TRIVY_SKIP_DIRS: 'usr/lib/ruby/gems/2.7.0/gems/jaeger-client-0.10.0/crossdock,usr/lib/ruby/gems/2.7.0/gems/jaeger-client-1.0.0/crossdock,usr/lib/ruby/gems/2.7.0/gems/jaeger-client-1.1.0/crossdock'
      run: |
        trivy --version