From fa4deafcc65750cb8a6a08213fbb74f89baf69db Mon Sep 17 00:00:00 2001
From: Andrew Ridgway
Date: Mon, 29 Sep 2025 20:06:03 +1000
Subject: [PATCH] lets just install trivy
---
 .gitea/workflows/build_push.yml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/.gitea/workflows/build_push.yml b/.gitea/workflows/build_push.yml
index fe11370..9e45188 100644
--- a/.gitea/workflows/build_push.yml
+++ b/.gitea/workflows/build_push.yml
@@ -45,14 +45,14 @@ jobs:
 git.aridgwayweb.com/armistace/blog:latest
 - name: Trivy Scan
- uses: aquasecurity/trivy-action@master
- with:
- image-ref: ${{ vars.DOCKER_SERVER }}/${{ vars.DOCKER_USERNAME }}/blog:latest
- format: table
- exit-code: 1
- ignore-unfixed: true
- vuln-type: os,library
- severity: HIGH,CRITICAL
+ run: |
+ echo "Installing Trivy
+ sudo apt-get install wget apt-transport-https gnupg lsb-release
+ wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
+ echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
+ sudo apt-get update
+ sudo apt-get install trivy
+ trivy image --format table --exit-code 1 --ignore-unfixed --vuln-type os,library --severity HIGH,CRITICAL git.aridgwayweb.com/armistace/blog:latest
 - name: Deploy
 run: |
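Review bot: The `echo "Installing Trivy` line in the new `run:` block never closes its double quote, and no later line of the script contains another one, so the shell should reject the script with an unterminated-string error before Trivy is installed or run. Both `apt-get install` calls lack `-y` and can abort at the confirmation prompt on a non-interactive runner. `apt-key add -` is deprecated and makes the Trivy signing key trusted for every configured apt source; a dedicated keyring referenced through `signed-by=` limits that trust to this one repository. The scan also targets the mutable `:latest` tag, so it is only presumably the image that was just pushed; scanning the pushed digest would make that certain.

```yaml
        run: |
          echo "Installing Trivy"
          sudo apt-get install -y wget apt-transport-https gnupg lsb-release
          wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
          echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
          sudo apt-get update
          sudo apt-get install -y trivy
          # … unchanged: trivy image scan command …
```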