From 57006e3d52e34b73a62ff6762e9c2ffe2c05e4bf Mon Sep 17 00:00:00 2001
From: Dave Sargent <dave_sargent@selinc.com>
Date: Mon, 28 Oct 2024 20:06:09 -0700
Subject: [PATCH] Switch tot he docker/build-push-action and pass the github
 token to fix api exhaustion

---
 .github/workflows/trivy.yml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 8d22940..90829ea 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -48,9 +48,16 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - name: Build an image from Dockerfile
-        run: |
-          docker build -t ghcr.io/sarg3nt/go-docker-container:${{ github.sha }} .
+      # - name: Build an image from Dockerfile
+      #   run: |
+      #     docker build -t ghcr.io/sarg3nt/go-docker-container:${{ github.sha }} .
+      - name: Build and push Docker image
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
+        with:
+          context: .
+          push: false
+          tags: ${{ github.sha }}
+          secrets: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe