From 62054d709e6f2fff0e5ff511477b3fb797dc0e67 Mon Sep 17 00:00:00 2001
From: Jon Ayers <jon@coder.com>
Date: Mon, 25 Nov 2024 23:22:03 +0000
Subject: [PATCH 1/2] chore: create Github release in CI release workflow

---
 .github/workflows/release.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index d73a466..adb1d2e 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -124,3 +124,11 @@ jobs:
         run: |
           git tag -a ${{ github.event.inputs.version }} -m ${{ github.event.inputs.version }}
           git push --tags
+      - name: Create Release
+        run: |
+          version=${{ github.event.inputs.version }}
+          if [[ $version == *-rc* ]]; then
+            gh release create "$version" -t "$version" --generate-notes --prerelease --latest=false --verify-tag
+          else
+            gh release create $version -t $version --generate-notes --verify-tag
+          fi

From 3b100af08f6cc49259aaeac04a1ab7428c0c08d9 Mon Sep 17 00:00:00 2001
From: Jon Ayers <jon@coder.com>
Date: Mon, 25 Nov 2024 23:32:17 +0000
Subject: [PATCH 2/2] bump trivy action

---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index feaf3c0..27ea117 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -190,7 +190,7 @@ jobs:
         run: make -j build/image/envbox
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@8bd2f9fbda2109502356ff8a6a89da55b1ead252
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: envbox:latest
           format: sarif