From 6ca8e93da58d8330603788fc0540a34bb644e903 Mon Sep 17 00:00:00 2001
From: Zybjana Bedo <zbedo@broadinstitute.org>
Date: Thu, 25 Jul 2024 14:11:38 -0400
Subject: [PATCH] Edit workflow

---
 .github/workflows/trivy.yml | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index b0158fed..1b40ca08 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -2,7 +2,7 @@ name: dsp-appsec-trivy
 on:
   pull_request:
   schedule:
-    - cron: '0 14 * * 1' # each Monday at 9am EST
+    - cron: '0 0 * * 0'
 
 jobs:
   appsec-trivy:
@@ -10,18 +10,14 @@ jobs:
     name: DSP AppSec Trivy check
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
       - uses: broadinstitute/dsp-appsec-trivy-action@v1
         with:
           sarif: trivy-results.sarif
 
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
-        if: ${{ !github.base_ref }} # omit upload on PRs
-        with:
-          sarif_file: trivy-results.sarif
-
        - name: Notify in Slack
         if: failure()
         uses: broadinstitute/action-slack@v3.15.0