UID2-6620: Upgrade aquasecurity/trivy-action from 0.14.0 to 0.34.0

sunnywu · claude · sunnywu · commit 3c50cc1792d4 · 2026-02-20T17:10:45.000+11:00
The Azure Private Operator Build Image job was failing because trivy-action@0.14.0
uses Docker client API version 1.43, which is incompatible with the runner's Docker
daemon that now requires a minimum API version of 1.44.

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/publish-azure-cc-enclave-docker.yaml b/.github/workflows/publish-azure-cc-enclave-docker.yaml
@@ -128,7 +128,7 @@ jobs:
             BUILD_TARGET=${{ env.ENCLAVE_PROTOCOL }}
 
       - name: Generate Trivy vulnerability scan report
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.34.0
         with:
           image-ref: ${{ steps.meta.outputs.tags }}
           format: 'sarif'
@@ -144,7 +144,7 @@ jobs:
           sarif_file: 'trivy-results.sarif'
 
       - name: Test with Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.34.0
         with:
           image-ref: ${{ steps.meta.outputs.tags }}
           format: 'table'
