Fix Trivy workflow: commit Dockerfile, upgrade trivy-action to 0.35.0

meysholdt · ona-agent · meysholdt · commit 0ff4942b0df5 · 2026-03-08T17:04:05.000Z
- Add .devcontainer/Dockerfile to git (was untracked, causing docker build failure)
- Upgrade trivy-action from 0.28.0 to 0.35.0 (0.28.0 failed to install Trivy v0.56.1)

Co-authored-by: Ona &lt;no-reply@ona.com&gt;
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -0,0 +1,5 @@
+FROM mcr.microsoft.com/devcontainers/base:ubuntu-24.04
+
+# use this Dockerfile to install additional tools you might need, e.g.
+# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
+#     && apt-get -y install --no-install-recommends <your-package-list-here>
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -28,7 +28,7 @@ jobs:
           docker build -t ghcr.io/ona-samples/github-security:${{ github.sha }} -f .devcontainer/Dockerfile .
 
       - name: Run Trivy image scanner
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           image-ref: 'ghcr.io/ona-samples/github-security:${{ github.sha }}'
           format: 'sarif'
@@ -54,7 +54,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Run Trivy filesystem scanner
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           scan-type: 'fs'
           scan-ref: '.'
