Commit ea27ac1

docs: add info that unix:/ prefix is required (#455)
1 parent 6c175e9 commit ea27ac1

1 file changed

+30
-30
lines changed

README.md

Lines changed: 30 additions & 30 deletions
@@ -820,36 +820,36 @@ Configuration priority:
820820

821821
Following inputs can be used as `step.with` keys:
822822

823-
| Name | Type | Default | Description |
824-
|------------------------------|---------|------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------|
825-
| `scan-type` | String | `image` | Scan type, e.g. `image` or `fs` |
826-
| `input` | String | | Tar reference, e.g. `alpine-latest.tar` |
827-
| `image-ref` | String | | Image reference, e.g. `alpine:3.10.2` |
828-
| `scan-ref` | String | `/github/workspace/` | Scan reference, e.g. `/github/workspace/` or `.` |
829-
| `format` | String | `table` | Output format (`table`, `json`, `template`, `sarif`, `cyclonedx`, `spdx`, `spdx-json`, `github`, `cosign-vuln`) |
830-
| `template` | String | | Output template (`@$HOME/.local/bin/trivy-bin/contrib/gitlab.tpl`, `@$HOME/.local/bin/trivy-bin/contrib/junit.tpl`) |
831-
| `tf-vars` | String | | path to Terraform variables file |
832-
| `output` | String | | Save results to a file |
833-
| `exit-code` | String | `0` | Exit code when specified vulnerabilities are found |
834-
| `ignore-unfixed` | Boolean | false | Ignore unpatched/unfixed vulnerabilities |
835-
| `vuln-type` | String | `os,library` | Vulnerability types (os,library) |
836-
| `severity` | String | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | Severities of vulnerabilities to scanned for and displayed |
837-
| `skip-dirs` | String | | Comma separated list of directories where traversal is skipped |
838-
| `skip-files` | String | | Comma separated list of files where traversal is skipped |
839-
| `cache-dir` | String | `$GITHUB_WORKSPACE/.cache/trivy` | Cache directory. NOTE: This value cannot be configured by `trivy.yaml`. |
840-
| `timeout` | String | `5m0s` | Scan timeout duration |
841-
| `ignore-policy` | String | | Filter vulnerabilities with OPA rego language |
842-
| `hide-progress` | String | `false` | Suppress progress bar and log output |
843-
| `list-all-pkgs` | String | | Output all packages regardless of vulnerability |
844-
| `scanners` | String | `vuln,secret` | comma-separated list of what security issues to detect (`vuln`,`secret`,`misconfig`,`license`) |
845-
| `trivyignores` | String | | comma-separated list of relative paths in repository to one or more `.trivyignore` files |
846-
| `trivy-config` | String | | Path to trivy.yaml config |
847-
| `github-pat` | String | | Authentication token to enable sending SBOM scan results to GitHub Dependency Graph. Can be either a GitHub Personal Access Token (PAT) or GITHUB_TOKEN |
848-
| `limit-severities-for-sarif` | Boolean | false | By default *SARIF* format enforces output of all vulnerabilities regardless of configured severities. To override this behavior set this parameter to **true** |
849-
| `docker-host` | String | | By default it is set to `unix://var/run/docker.sock`, but can be updated to help with containerized infrastructure values |
850-
| `version` | String | `v0.60.0` | Trivy version to use, e.g. `latest` or `v0.60.0` |
851-
| `skip-setup-trivy` | Boolean | false | Skip calling the `setup-trivy` action to install `trivy` |
852-
| `token-setup-trivy` | Boolean | | Overwrite `github.token` used by `setup-trivy` to checkout the `trivy` repository |
823+
| Name | Type | Default | Description |
824+
|------------------------------|---------|------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|
825+
| `scan-type` | String | `image` | Scan type, e.g. `image` or `fs` |
826+
| `input` | String | | Tar reference, e.g. `alpine-latest.tar` |
827+
| `image-ref` | String | | Image reference, e.g. `alpine:3.10.2` |
828+
| `scan-ref` | String | `/github/workspace/` | Scan reference, e.g. `/github/workspace/` or `.` |
829+
| `format` | String | `table` | Output format (`table`, `json`, `template`, `sarif`, `cyclonedx`, `spdx`, `spdx-json`, `github`, `cosign-vuln`) |
830+
| `template` | String | | Output template (`@$HOME/.local/bin/trivy-bin/contrib/gitlab.tpl`, `@$HOME/.local/bin/trivy-bin/contrib/junit.tpl`) |
831+
| `tf-vars` | String | | path to Terraform variables file |
832+
| `output` | String | | Save results to a file |
833+
| `exit-code` | String | `0` | Exit code when specified vulnerabilities are found |
834+
| `ignore-unfixed` | Boolean | false | Ignore unpatched/unfixed vulnerabilities |
835+
| `vuln-type` | String | `os,library` | Vulnerability types (os,library) |
836+
| `severity` | String | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | Severities of vulnerabilities to scanned for and displayed |
837+
| `skip-dirs` | String | | Comma separated list of directories where traversal is skipped |
838+
| `skip-files` | String | | Comma separated list of files where traversal is skipped |
839+
| `cache-dir` | String | `$GITHUB_WORKSPACE/.cache/trivy` | Cache directory. NOTE: This value cannot be configured by `trivy.yaml`. |
840+
| `timeout` | String | `5m0s` | Scan timeout duration |
841+
| `ignore-policy` | String | | Filter vulnerabilities with OPA rego language |
842+
| `hide-progress` | String | `false` | Suppress progress bar and log output |
843+
| `list-all-pkgs` | String | | Output all packages regardless of vulnerability |
844+
| `scanners` | String | `vuln,secret` | comma-separated list of what security issues to detect (`vuln`,`secret`,`misconfig`,`license`) |
845+
| `trivyignores` | String | | comma-separated list of relative paths in repository to one or more `.trivyignore` files |
846+
| `trivy-config` | String | | Path to trivy.yaml config |
847+
| `github-pat` | String | | Authentication token to enable sending SBOM scan results to GitHub Dependency Graph. Can be either a GitHub Personal Access Token (PAT) or GITHUB_TOKEN |
848+
| `limit-severities-for-sarif` | Boolean | false | By default *SARIF* format enforces output of all vulnerabilities regardless of configured severities. To override this behavior set this parameter to **true** |
849+
| `docker-host` | String | | By default it is set to `unix://var/run/docker.sock`, but can be updated to help with containerized infrastructure values (`unix:/` or other prefix is required) |
850+
| `version` | String | `v0.60.0` | Trivy version to use, e.g. `latest` or `v0.60.0` |
851+
| `skip-setup-trivy` | Boolean | false | Skip calling the `setup-trivy` action to install `trivy` |
852+
| `token-setup-trivy` | Boolean | | Overwrite `github.token` used by `setup-trivy` to checkout the `trivy` repository |
853853

854854
### Environment variables
855855
You can use [Trivy environment variables][trivy-env] to set the necessary options (including flags that are not supported by [Inputs](#inputs), such as `--secret-config`).
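
Review bot: In the `docker-host` row (new line 849) the added parenthetical says `unix:/` with one slash, while the default quoted in the same cell is `unix://var/run/docker.sock` with two, so a reader still cannot tell which form the action accepts, and "or other prefix" does not name the alternatives. State the required form once with a complete example value and list the accepted schemes explicitly. The Default column for this row is also empty although the description states a default; moving the value there would match the other rows. Separately, the widened separator on line 824 re-pads all 30 table rows for a one-cell change, which buries the actual edit in the diff; leaving the table unaligned, or doing the realignment in its own commit, would keep the change reviewable.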
