From 929f4420427db93ba78650d8be3657970360d4b5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 6 Feb 2024 08:03:03 +0100
Subject: [PATCH] fix(ci): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0
 (#78)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.16.1...0.17.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/release-container.yaml | 8 ++++----
 .github/workflows/schedule-trivy.yaml    | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/release-container.yaml b/.github/workflows/release-container.yaml
index fcd855e..6ac5907 100644
--- a/.github/workflows/release-container.yaml
+++ b/.github/workflows/release-container.yaml
@@ -124,7 +124,7 @@ jobs:
           DOCKER_CONTENT_TRUST: 1
             
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: '${{ inputs.image }}:${{ steps.meta.outputs.version }}'
           format: 'json'
@@ -133,7 +133,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -181,7 +181,7 @@ jobs:
           TAGS: ${{ steps.meta.outputs.tags }}
 
       - name: Convert trivy results to CycloneDX
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -197,7 +197,7 @@ jobs:
         if: github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v')
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index 87b379a..4089213 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -35,7 +35,7 @@ jobs:
         uses: sigstore/cosign-installer@v3.4.0
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: ${{ inputs.image-ref }}
           timeout: ${{ inputs.timeout }}
@@ -46,7 +46,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -64,7 +64,7 @@ jobs:
           sarif_file: 'trivy.sarif'
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.17.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'