From cbb67c7319735bb8a22e632e6e1d2058e543906c Mon Sep 17 00:00:00 2001
From: Logan Marchione <loganmarchione@users.noreply.github.com>
Date: Wed, 28 Dec 2022 21:59:08 +0000
Subject: [PATCH] Update main.yml

---
 .github/workflows/main.yml | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index e1d4409..75518ad 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -13,7 +13,7 @@ env:
   REPO: docker-webdav-nginx
 
 jobs:
-  ubuntu_ci:
+  ci:
     name: Build and test
 
     runs-on: ubuntu-latest
@@ -47,17 +47,22 @@ jobs:
         docker run --name test-container --detach --env WEBDAV_USER=user --env WEBDAV_PASS=password1 --volume 'webdav:/var/www/webdav' ${USER}/${REPO}:${VERSION}
         docker ps -a
 
-    - name: Container scan
-      uses: azure/container-scan@v0
+    - name: Container scan with Dockle
+      uses: docker://goodwithtech/dockle:v0.4.9
       with:
-        image-name: ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
-        severity-threshold: CRITICAL
-        run-quality-checks: true
+        args: '--exit-code 1 --format list ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
 
-  ubuntu_cd:
+    - name: Container scan with Trivy
+      uses: aquasecurity/trivy-action@0.8.0
+      with:
+        scan-type: 'image'
+        image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
+        trivy-config: ./github/trivy.yaml
+
+  cd:
     name: Deploy
 
-    needs: ubuntu_ci
+    needs: ci
     runs-on: ubuntu-latest
 
     steps: