ci(security-scanner): add support for Red Hat UBI images and fix typo (…

…#21912) * ci(security-scanner): add support for Red Hat UBI images and fix typo * hclfmt * clean-up comments Co-authored-by: Kent Gruber <[email protected]> --------- Co-authored-by: Kent Gruber <[email protected]>
hashicorp · Nov 4, 2024 · 1dfc265 · 1dfc265
1 parent 59447e9
commit 1dfc265
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -14,7 +14,7 @@
 
 container {
 	dependencies = true
-	alpine_secdb = true
+	osv          = true
 
 	secrets {
 		matchers {
@@ -36,8 +36,7 @@ container {
 	# periodically cleaned up to remove items that are no longer found by the scanner.
 	triage {
 		suppress {
-			# N.b. `vulnerabilites` is the correct spelling for this tool.
-			vulnerabilites = [
+			vulnerabilities = [
 				"CVE-2024-8096", # [email protected],
 				"CVE-2024-9143", # [email protected],
 			]
@@ -79,8 +78,7 @@ binary {
 	# periodically cleaned up to remove items that are no longer found by the scanner.
 	triage {
 		suppress {
-			# N.b. `vulnerabilites` is the correct spelling for this tool.
-			vulnerabilites = [
+			vulnerabilities = [
 			]
 			paths = [
 				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",

diff --git a/scan.hcl b/scan.hcl
@@ -28,8 +28,7 @@ repository {
   # periodically cleaned up to remove items that are no longer found by the scanner.
   triage {
     suppress {
-      # N.b. `vulnerabilites` is the correct spelling for this tool.
-      vulnerabilites = [
+      vulnerabilities = [
       ]
       paths = [
         "internal/tools/proto-gen-rpc-glue/e2e/consul/*",