From 604194d1b87b2b029e3bd5322c13a98502d31aed Mon Sep 17 00:00:00 2001
From: Joe Previte <jjprevite@gmail.com>
Date: Wed, 12 May 2021 10:25:07 -0700
Subject: [PATCH 1/3] fix: re-enable trivy-scan-repo

---
 .github/workflows/ci.yaml | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 39a9136b..98a7acdf 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -466,16 +466,12 @@ jobs:
   # codeql/upload-sarif action per job
   trivy-scan-repo:
     runs-on: ubuntu-20.04
-    # NOTE@jsjoeio 5/10/2021
-    # Disabling until fixed upstream
-    # See: https://github.com/aquasecurity/trivy-action/issues/22#issuecomment-833768084
-    if: "1 == 2"
     steps:
       - name: Checkout code
         uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
-        #Commit SHA for v0.0.14
-        uses: aquasecurity/trivy-action@341f810bd602419f966a081da3f4debedc3e5c8e
+        #Commit SHA for v0.0.15
+        uses: aquasecurity/trivy-action@9789b6ae3b29487541292242e416cd89e4e54874
         with:
           scan-type: "fs"
           scan-ref: "."

From 065b1411067f1b77da83769998b3bbe3aa89e674 Mon Sep 17 00:00:00 2001
From: Joe Previte <jjprevite@gmail.com>
Date: Wed, 12 May 2021 10:29:07 -0700
Subject: [PATCH 2/3] chore: update CHANGELOG

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 535dac36..6b7e6bcf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -75,6 +75,7 @@ VS Code v1.56
 
 - chore: ignore updates to microsoft/playwright-github-action
 - fix(socket): use xdgBasedir.runtime instead of tmp #3304 @jsjoeio
+- fix(ci): re-enable trivy-scan-repo #3368 @jsjoeio
 
 ## 3.10.0
 

From 5fe76bdecf65e3f24c1adb3fdca8bba6d769f154 Mon Sep 17 00:00:00 2001
From: Joe Previte <jjprevite@gmail.com>
Date: Wed, 12 May 2021 10:31:48 -0700
Subject: [PATCH 3/3] fix: update trivy-action to v0.0.17

---
 .github/workflows/ci.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 98a7acdf..cb210d86 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -446,8 +446,8 @@ jobs:
           path: ./release-images
 
       - name: Run Trivy vulnerability scanner in image mode
-        # Commit SHA for v0.0.14
-        uses: aquasecurity/trivy-action@341f810bd602419f966a081da3f4debedc3e5c8e
+        # Commit SHA for v0.0.17
+        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
         with:
           input: "./release-images/code-server-amd64-*.tar"
           scan-type: "image"
@@ -470,8 +470,8 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v2
       - name: Run Trivy vulnerability scanner in repo mode
-        #Commit SHA for v0.0.15
-        uses: aquasecurity/trivy-action@9789b6ae3b29487541292242e416cd89e4e54874
+        #Commit SHA for v0.0.17
+        uses: aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b
         with:
           scan-type: "fs"
           scan-ref: "."