Update trivy-scan.yml

.github/workflows/trivy-scan.yml

@@ -2,7 +2,20 @@ name: Trivy Vulnerability Scan (Repo mode)
 
 on:
   workflow_dispatch:
+    inputs:
+      config-path:
+        description: 'Relative path to the trivy config file'
+        default: './github/trivy-no-upload.yaml'
+        required: false
+        type: string
+
   workflow_call:
+    inputs:
+      config-path:
+        description: 'Relative path to the trivy config file'
+        default: './github/trivy-no-upload.yaml'
+        required: false
+        type: string
 
 jobs:
   run_trivy_scan:
@@ -16,12 +29,12 @@ jobs:
       - name: Publish to local repo (poms)
         run: |
           ./gradlew publishMavenJavaPublicationToLocalRepository
-      - name: Run Trivy scan in repo mode
+      - name: Run Trivy scan in repo mode (fs)
         uses: aquasecurity/trivy-action@master
         with:
           scan-type: 'fs'
           scan-ref: '${{ env.LOCAL_REPOSITORY_PATH }}/org/springframework/pulsar'
-          trivy-config: .github/trivy.yaml
+          trivy-config: ${{ inputs.config-path }}
       - name: Trivy scan complete
         shell: bash
         run: echo "::info ::Scanned"