From 035a2b5ed5f4d5c688d919be9e6e38f6a914e17f Mon Sep 17 00:00:00 2001
From: Aliaksandr Valialkin <valyala@victoriametrics.com>
Date: Thu, 9 Feb 2023 14:25:01 -0800
Subject: [PATCH] all: skip issues with low severity at `docker scan`

---
 .github/workflows/nightly-build.yml | 2 +-
 deployment/docker/Makefile          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml
index 834fc693e..bb9730d8a 100644
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -42,7 +42,7 @@ jobs:
 
       - name: build & publish
         run: |
-          docker scan --login --token "$SNYK_TOKEN" --accept-license
+          docker scan --severity=medium --login --token "$SNYK_TOKEN" --accept-license
           LATEST_TAG=nightly PKG_TAG=nightly make publish
         env: 
           SNYK_TOKEN: ${{ secrets.SNYK_AUTH_TOKEN }}
diff --git a/deployment/docker/Makefile b/deployment/docker/Makefile
index 5ad58705d..c4a288a4f 100644
--- a/deployment/docker/Makefile
+++ b/deployment/docker/Makefile
@@ -17,7 +17,7 @@ package-base:
 			deployment/docker/base
 
 docker-scan: package-base
-	docker scan --accept-license $(BASE_IMAGE) || (echo "❌ The build has been terminated because critical vulnerabilities were found in $(BASE_IMAGE)"; exit 1)
+	docker scan --severity=medium --accept-license $(BASE_IMAGE) || (echo "❌ The build has been terminated because critical vulnerabilities were found in $(BASE_IMAGE)"; exit 1)
 
 package-builder:
 	(docker image ls --format '{{.Repository}}:{{.Tag}}' | grep -q '$(BUILDER_IMAGE)$$') \