From 6b17fd4fc196c80daf9c638561aeca9b5dec7bfa Mon Sep 17 00:00:00 2001
From: Mike Farah <mikefarah@gmail.com>
Date: Mon, 21 Dec 2020 15:48:25 +1100
Subject: [PATCH] Added trivy to docker build, bumped alpine image

---
 Dockerfile                | 2 +-
 scripts/publish-docker.sh | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index bbd6b91..f4b0622 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,7 @@ RUN CGO_ENABLED=0 make local build
 
 # Choose alpine as a base image to make this useful for CI, as many
 # CI tools expect an interactive shell inside the container
-FROM alpine:3.12 as production
+FROM alpine:3.12.3 as production
 
 COPY --from=builder /go/src/mikefarah/yq/yq /usr/bin/yq
 RUN chmod +x /usr/bin/yq
diff --git a/scripts/publish-docker.sh b/scripts/publish-docker.sh
index 315eb19..3a2c67a 100755
--- a/scripts/publish-docker.sh
+++ b/scripts/publish-docker.sh
@@ -6,4 +6,6 @@ docker build \
   --build-arg VERSION=${VERSION} \
   -t mikefarah/yq:latest \
   -t mikefarah/yq:${VERSION} \
-  .
\ No newline at end of file
+  .
+
+trivy image mikefarah/yq:${VERSION}
\ No newline at end of file