From bb0e0b2a4b3a987b58bad6ca2248a78d7398c091 Mon Sep 17 00:00:00 2001
From: antoniocalo <antonio.calo@nttdata.com>
Date: Thu, 14 Nov 2024 17:12:13 +0100
Subject: [PATCH] P4ADEV-1377 update trivy action version

---
 .github/workflows/security-scan.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 579ccb7..8b63f51 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -37,7 +37,7 @@ jobs:
         run: docker build . --file Dockerfile --tag localbuild/testimage:latest
       - name: Run the Trivy scan action itself with GitHub Advanced Security code scanning integration enabled
         id: scan
-        uses: aquasecurity/trivy-action@0.24.0 #v0.24.0
+        uses: aquasecurity/trivy-action@0.28.0 #v0.28.0
         with:
           trivy-config: 'config/trivy.yaml'
           image-ref: "localbuild/testimage:latest"
@@ -62,7 +62,7 @@ jobs:
   SendSlackNotification:
     needs: BuildAndScan
     uses: ./.github/workflows/send-notification.yml
-    if: always() && (needs.BuildAndScan.outputs.CVE_HIGH > 0 || needs.BuildAndScan.outputs.CVE_CRITICAL > 0)
+    if: always() && needs.BuildAndScan.result == 'failure'
     with:
       CVE_CRITICAL: ${{needs.BuildAndScan.outputs.CVE_CRITICAL}}
       CVE_HIGH: ${{needs.BuildAndScan.outputs.CVE_HIGH}}