fix: only high and critical

geekbrother · geekbrother · commit 81e3fed43bf2 · 2026-03-24T12:26:19.000+01:00
diff --git a/.github/workflows/ci-check-infra.yml b/.github/workflows/ci-check-infra.yml
@@ -102,12 +102,14 @@ jobs:
 
       - name: Run Trivy IaC scanner
         uses: aquasecurity/trivy-action@v0.35.0
+        env:
+          TRIVY_SKIP_CHECKS: AVD-AWS-0034
         with:
           scan-type: 'config'
           scan-ref: ${{ inputs.tf-directory }}
-          exit-code: '0'
+          exit-code: '1'
+          severity: 'HIGH,CRITICAL'
           skip-dirs: '.terraform'
-          skip-checks: 'AVD-AWS-0034'
 
   tflint:
     name: TFLint
