trivy-azure-pipelines-task icon indicating copy to clipboard operation
trivy-azure-pipelines-task copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

[FEATURE REQUEST] Fail task only if certain severity is present in the result

Open MCBBosch opened this issue 1 year ago • 3 comments

I'd like to have a more fine-grained way to configure if the pipeline task should fail. Currently, it's only possible let the task fail if at least one finding is present (with the exitCode parameter).

I'd like to have the task fail upon CRITICAL and HIGH issues while issues with lower priorities shall be reported as well but not fail the whole task. Setting the existing "severities" property to values < HIGH doesn't help, as the high ones won't be reported then.

MCBBosch avatar Oct 10 '23 12:10 MCBBosch

Same here. Such a function would be highly appreciated, and would be very helpful.

maikfr avatar Dec 13 '23 12:12 maikfr

Same here. Currently, complex workarounds are needed to achieve reporting and breaking the pipeline.

PascalTurbo avatar Jan 18 '24 07:01 PascalTurbo

I'd like to add the condition if a fix is available or not, e.g. fail the pipeline for CRITICAL and HIGH if a fix is available

MCBBosch avatar Jan 19 '24 07:01 MCBBosch