From 4eb900c46e4f7a2b01d3ae9048aafa2dec5c6cc6 Mon Sep 17 00:00:00 2001
From: Eric Thuaud <58465319+EricThuaud@users.noreply.github.com>
Date: Mon, 8 Jul 2024 11:34:03 +0200
Subject: [PATCH] Update ci-rc.yml

---
 .github/workflows/ci-rc.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/ci-rc.yml b/.github/workflows/ci-rc.yml
index 522be3aa..f383a84c 100644
--- a/.github/workflows/ci-rc.yml
+++ b/.github/workflows/ci-rc.yml
@@ -17,6 +17,14 @@ jobs:
           java-version: 21
       - name: Build with Maven
         run: mvn -B clean package
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@0.20.0
+        with:
+          format: 'table'
+          scan-type: 'repo'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
       - name: Upload jar
         uses: actions/upload-artifact@v3
         with: