From 1d31e5d32dff0a52485e7615d096d21ca3487916 Mon Sep 17 00:00:00 2001
From: omri zaher <omriza5@gmail.com>
Date: Sat, 27 Sep 2025 13:36:49 +0300
Subject: [PATCH] Update vulnerability scan steps for Wekan Docker images in CI
 workflow

---
 .github/workflows/e2e-testing.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/e2e-testing.yml b/.github/workflows/e2e-testing.yml
index b8195b5a9..190ede912 100644
--- a/.github/workflows/e2e-testing.yml
+++ b/.github/workflows/e2e-testing.yml
@@ -34,7 +34,7 @@ jobs:
           # Save the tag for later steps
           echo "WEKAN_IMAGE_TAG=$TAG" >> $GITHUB_ENV
 
-      - name: Scan Wekan Docker image for vulnerabilities
+      - name: Scan Wekan Docker image for vulnerabilities(Wekan)
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: '${{ secrets.DOCKERHUB_USERNAME }}/wekan:${{ env.WEKAN_IMAGE_TAG }}'
@@ -43,6 +43,15 @@ jobs:
           ignore-unfixed: true
           exit-code: 0
 
+      - name: Scan wekan-selenium Docker image for vulnerabilities
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'omriza5/wekan-selenium:1.0.0'
+          format: 'table'
+          severity: 'HIGH,CRITICAL'
+          ignore-unfixed: true
+          exit-code: 0
+
       - name: Create .env file
         run: |
           echo "WEKAN_IMAGE=omriza5/wekan:${WEKAN_IMAGE_TAG}" >> .env