trivy action

Author: benjaminjb

.github/workflows/trivy-scan.yaml

@@ -22,12 +22,6 @@ jobs:
     steps:
       - uses: actions/checkout@v3
 
-      - name: Log all detected vulnerabilities
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: fs
-          hide-progress: true
-
       # Upload actionable results to the GitHub Security tab.
       # Pull request checks fail according to repository settings.
       #
@@ -40,6 +34,8 @@ jobs:
           ignore-unfixed: true
           format: 'sarif'
           output: 'trivy-results.sarif'
+          hide-progress: true
+          exit-code: 1
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2