ci(trivy): #106 temporary only fail CI for CRITICAL vulnerabilities

abhisheksr01 · abhisheksr01 · commit bc056ab1bdb1 · 2024-12-26T14:44:02.000Z
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -117,7 +117,7 @@ jobs:
         with:
           dockerfile: Dockerfile
           failure-threshold: error
-      - name: Run Trivy vulnerability for Dockerfile
+      - name: Run Trivy vulnerability for IAC
         uses: aquasecurity/trivy-action@0.29.0
         with:
           scan-type: config
diff --git a/config/trivy/trivy.yaml b/config/trivy/trivy.yaml
@@ -5,8 +5,8 @@ misconfiguration:
     - kubernetes
 
 severity:
-  - UNKNOWN
-  - LOW
-  - MEDIUM
-  - HIGH
+#  - UNKNOWN # Tracking the issue here: https://github.com/abhisheksr01/spring-boot-microservice-best-practices/issues/351
+#  - LOW
+#  - MEDIUM
+#  - HIGH
   - CRITICAL
