armistace/pr_reviewer
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

update trivy again
Some checks failed
Build and Push Image / Build and push image (push) Failing after 52m15s
Details

Browse Source
This commit is contained in:
Andrew Ridgway 2026-05-20 22:11:39 +10:00
parent 7211b02c69
commit 1a4bb3634b
Signed by: armistace
GPG Key ID: C8D9EAC514B47EF1
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.gitea/workflows/build_push.yml
View File

@ -46,10 +46,12 @@ jobs:
- name: Trivy Scan - name: Trivy Scan
run: | run: |
echo "Installing Trivy (latest from GitHub)" TRIVY_VERSION=$(curl -s https://api.github.com/repos/aquasecurity/trivy/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin wget -qO /tmp/trivy.tar.gz "https://github.com/aquasecurity/trivy/releases/download/${TRIVY_VERSION}/trivy_${TRIVY_VERSION#v}_Linux-64bit.tar.gz"
tar xzf /tmp/trivy.tar.gz -C /usr/local/bin trivy
chmod +x /usr/local/bin/trivy
trivy image --format table --exit-code 1 --ignore-unfixed --vuln-type os,library --severity HIGH,CRITICAL git.aridgwayweb.com/armistace/pr-reviewer:latest trivy image --format table --exit-code 1 --ignore-unfixed --vuln-type os,library --severity HIGH,CRITICAL git.aridgwayweb.com/armistace/pr-reviewer:latest
- name: Deploy - name: Deploy
run: | run: |
echo "Installing Kubectl" echo "Installing Kubectl"
@ -72,4 +74,4 @@ jobs:
--from-literal=TOTAL_FLOW_TIMEOUT=600 \ --from-literal=TOTAL_FLOW_TIMEOUT=600 \
--from-literal=PER_CREW_TIMEOUT=300 \ --from-literal=PER_CREW_TIMEOUT=300 \
--namespace=pr-reviewer --namespace=pr-reviewer
kubectl apply -f kube/pr-reviewer_deployment.yaml && kubectl apply -f kube/pr-reviewer_service.yaml kubectl apply -f kube/pr-reviewer_deployment.yaml && kubectl apply -f kube/pr-reviewer_service.yaml