From 92658105622705d89d0f4952a11752ad96dcc283 Mon Sep 17 00:00:00 2001
From: David Gogl <1381862+kengou@users.noreply.github.com>
Date: Sun, 15 Sep 2024 18:22:52 +0200
Subject: [PATCH] fix(build): add short sha for trivy (#8)
---
 .github/workflows/docker-build.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml
index f4a6433..7096a40 100644
--- a/.github/workflows/docker-build.yaml
+++ b/.github/workflows/docker-build.yaml
@@ -62,11 +62,14 @@ jobs:
 needs: build
 runs-on: [ default ]
 steps:
+ - name: Set sha
+ id: vars
+ run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
 - name: Run Trivy vulnerability scanner
 uses: aquasecurity/trivy-action@master
 if: success()
 with:
- image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+ image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.vars.outputs.sha_short }}
 ignore-unfixed: true
 format: 'sarif'
 output: 'trivy-results.sarif'
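Review bot: The new `Set sha` step runs `git rev-parse --short HEAD` as the first entry under `steps:`, and no checkout step is visible before it (the job header and its later steps are outside the hunk), so on the `[ default ]` runner it would either fail or, if the workspace still holds an older checkout, resolve a stale commit and point Trivy at a different image than the one just built. The abbreviation length of `--short` also depends on the repository and git configuration, so it may not match the tag the `build` job pushed; that job is not shown here, so confirm how it tags. Deriving the value from the event SHA avoids both problems: `run: echo "sha_short=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"` (assumes bash and a 7-character tag). Stronger still would be to expose the pushed image digest as an output of `build` and scan `image@sha256:<digest>`, which ties the scan result to the exact artifact rather than to a mutable tag. Separately, `aquasecurity/trivy-action@master` on the unchanged line below is a mutable ref; pinning it to a full commit SHA is worth a follow-up.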