armistace/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add trivy scan to pipeline
Some checks failed
Build and Push Image / Build and push image (push) Failing after 22m24s
Details

Browse Source
This commit is contained in:
Andrew Ridgway 2025-09-29 16:27:19 +10:00
parent ab23eec10b
commit d2a36f6d99
Signed by: armistace
GPG Key ID: C8D9EAC514B47EF1
1 changed files with 61 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.gitea/workflows/build_push.yml
View File

@ -44,6 +44,16 @@ jobs:
tags: |
git.aridgwayweb.com/armistace/blog:latest
- name: Trivy Scan
uses: aquasecurity/trivy-action@0.28.0
with:
image-ref: ${{ vars.DOCKER_SERVER }}/${{ vars.DOCKER_USERNAME }}/blog:latest
format: table
exit-code: 1
ignore-unfixed: true
vuln-type: os,library
severity: HIGH,CRITICAL
- name: Deploy
run: |
echo "Installing Kubectl"