Only run Trivy against Dockerfile changes

As the Trivy run is scheduled via cron, we should only run in addition to that if the Dockerfile itself is changed.
2025-12-07 16:05:05 -05:00 · 2021-07-13 19:45:44 +00:00
parent 2fbacfeb5b
commit c8fa7fd543
1 changed files with 4 additions and 3 deletions
--- a/.github/workflows/trivy-analysis.yml
+++ b/.github/workflows/trivy-analysis.yml
@@ -2,10 +2,11 @@ name: Build and scan container for vulnerabilities with Trivy

 on:
  push:
-    branches: [ main ]
+    paths:
+    - 'Dockerfile'
  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ main ]
+    paths:
+    - 'Dockerfile'
  schedule:
    - cron: '22 14 * * 0'