Use Ubuntu 24.04 runners

Signed-off-by: Tommy <contact@tommytran.io>
2024-09-07 18:23:30 -04:00 · 2024-07-19 22:08:13 -07:00 · 2024-07-19 22:08:13 -07:00 · d54e386a39
commit d54e386a39
parent 4f6053a6bb
1 changed files with 11 additions and 11 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -19,7 +19,7 @@ env:
 jobs:
  build:
    name: Build & push new image
-    runs-on: "ubuntu-latest"
+    runs-on: ubuntu-24.04
    permissions:
      contents: read
      packages: write
@ -72,36 +72,36 @@ jobs:
    needs: build
    permissions:
      security-events: write
-    runs-on: "ubuntu-latest"
+    runs-on: "ubuntu-24.04"
    steps:
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
-          image-ref: 'ghcr.io/tommytran732/matrix.to'
-          format: 'template'
+          image-ref: ghcr.io/tommytran732/matrix.to
+          format: template
          template: '@/contrib/sarif.tpl'
-          output: 'trivy-results.sarif'
-          severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
-          vuln-type: "os,library"
+          output: trivy-results.sarif
+          severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
+          vuln-type: os,library

      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v3
        with:
-          sarif_file: 'trivy-results.sarif'
-          category: 'trivy'
+          sarif_file: trivy-results.sarif
+          category: trivy

  grype:
    name: Scan current image with Grype
    needs: build
    permissions:
      security-events: write
-    runs-on: "ubuntu-latest"
+    runs-on: ubuntu-24.04
    steps:
      - name: Run Grype vulnerability scanner
        uses: anchore/scan-action@v4
        id: grype
        with:
-          image: "ghcr.io/tommytran732/matrix.to"
+          image: ghcr.io/tommytran732/matrix.to
          fail-build: false

      - name: Upload Grype scan results to GitHub Security tab