From ede0897acdae44c6dd1cce4a1ae5503fd97d82b2 Mon Sep 17 00:00:00 2001
From: Lucas Manuel Rodriguez <lucas@fleetdm.com>
Date: Tue, 20 Aug 2024 15:27:41 -0300
Subject: [PATCH] Pin trivy action (#21425)

Fixing code scanning warnings
https://github.com/fleetdm/fleet/security/code-scanning for the recently
added workflow.
---
 .../workflows/build-and-check-fleetctl-docker-and-deps.yml  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build-and-check-fleetctl-docker-and-deps.yml b/.github/workflows/build-and-check-fleetctl-docker-and-deps.yml
index e749792aa1..50f4e58f13 100644
--- a/.github/workflows/build-and-check-fleetctl-docker-and-deps.yml
+++ b/.github/workflows/build-and-check-fleetctl-docker-and-deps.yml
@@ -62,7 +62,7 @@ jobs:
         run: make fleetctl-docker
 
       - name: Run Trivy vulnerability scanner on fleetdm/wix
-        uses: aquasecurity/trivy-action@0.20.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
         with:
           image-ref: "fleetdm/wix"
           format: "table"
@@ -72,7 +72,7 @@ jobs:
           severity: "CRITICAL"
 
       - name: Run Trivy vulnerability scanner on fleetdm/bomutils
-        uses: aquasecurity/trivy-action@0.20.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
         with:
           image-ref: "fleetdm/bomutils"
           format: "table"
@@ -82,7 +82,7 @@ jobs:
           severity: "CRITICAL"
 
       - name: Run Trivy vulnerability scanner on fleetdm/fleetctl
-        uses: aquasecurity/trivy-action@0.20.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
         with:
           image-ref: "fleetdm/fleetctl"
           format: "table"