From 2ae9d6fe2fefd79e3f1f69c773742408fbfacdab Mon Sep 17 00:00:00 2001
From: Xun Jiang/Bruce Jiang <59276555+blackpiglet@users.noreply.github.com>
Date: Fri, 4 Apr 2025 12:06:59 +0800
Subject: [PATCH] Update the nightly trivy scan targets. (#8833)

Remove the velero-restore-helper.
Add AWS, GCP, and Azure plugins.

Signed-off-by: Xun Jiang <xun.jiang@broadcom.com>
---
 .github/workflows/nightly-trivy-scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/nightly-trivy-scan.yml b/.github/workflows/nightly-trivy-scan.yml
index acf42dc80..ac463863b 100644
--- a/.github/workflows/nightly-trivy-scan.yml
+++ b/.github/workflows/nightly-trivy-scan.yml
@@ -13,7 +13,7 @@ jobs:
         # maintain the versions of Velero those need security scan
         versions: [main]
         # list of images that need scan
-        images: [velero, velero-restore-helper]
+        images: [velero, velero-plugin-for-aws, velero-plugin-for-gcp, velero-plugin-for-microsoft-azure]
     permissions:
       security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results