From 9d94a36c84c95a692c27313a6726437ed344ae2a Mon Sep 17 00:00:00 2001
From: appleboy <appleboy.tw@gmail.com>
Date: Fri, 28 Nov 2025 22:10:49 +0800
Subject: [PATCH] ci: remove Trivy vulnerability scanning from CI workflow

- Remove Trivy vulnerability scanning and upload of scan results to GitHub Security tab from the workflow

Signed-off-by: appleboy <appleboy.tw@gmail.com>
---
 .github/workflows/docker.yml | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index ef7990a..55ff850 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -75,21 +75,6 @@ jobs:
           load: true
           tags: drone-ssh:scan
 
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: "drone-ssh:scan"
-          format: "sarif"
-          output: "trivy-results.sarif"
-          severity: "CRITICAL,HIGH"
-          exit-code: "1"
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: "trivy-results.sarif"
-
       - name: Build and push
         if: success()
         uses: docker/build-push-action@v6