From 86cd5751250accb160ec191ec3ac94f34138d332 Mon Sep 17 00:00:00 2001
From: Joshua David Akers <akers@vt.edu>
Date: Fri, 30 Dec 2022 20:03:35 +0000
Subject: [PATCH] [PLATFORM-1335] correct usage of TRIVY_SEVERITY environment
 variable

---
 building-blocks/trivy-scan.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/building-blocks/trivy-scan.yml b/building-blocks/trivy-scan.yml
index 9323593..2fe1963 100644
--- a/building-blocks/trivy-scan.yml
+++ b/building-blocks/trivy-scan.yml
@@ -19,9 +19,9 @@
         cat ${TRIVY_IGNORE_FILE}
       fi
       if [ -n "${TRIVY_SEVERITY}" ]; then
-        export TRIVY_SEVERITY="--severity ${TRIVY_SEVERITY}"
+        export TRIVY_SEVERITY="${TRIVY_SEVERITY}"
       else
-        export TRIVY_SEVERITY="--severity CRITICAL"
+        export TRIVY_SEVERITY="CRITICAL"
       fi
       echo "Scanning $FULL_IMAGE_NAME"
       trivy --version
@@ -35,7 +35,7 @@
       # Prints full report
       time trivy image --exit-code 0 --cache-dir .trivycache/ --no-progress --timeout 15m $TRIVY_IGNORE "$FULL_IMAGE_NAME"
       # Fail on critical vulnerabilities
-      time trivy image --exit-code 1 --cache-dir .trivycache/ $TRIVY_SEVERITY --no-progress --timeout 15m $TRIVY_IGNORE "$FULL_IMAGE_NAME"
+      time trivy image --exit-code 1 --cache-dir .trivycache/ --no-progress --timeout 15m $TRIVY_IGNORE "$FULL_IMAGE_NAME"
   cache:
     paths:
       - .trivycache/
-- 
GitLab