francwa/alfred
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

infra: added trivy vulnerability scanner to CI/CD
Some checks failed
CI/CD Awesome Pipeline / Test (push) Successful in 1m36s
Details
CI/CD Awesome Pipeline / Build & Push to Registry (push) Failing after 7m10s
Details

Browse Source
This commit is contained in:
Francwa
2025-12-22 10:01:52 +01:00
parent 79d23f936a
commit 56a3c1257d
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.gitea/workflows/ci.yml
View File

@@ -60,6 +60,7 @@ jobs:
password: ${{ secrets.G1T34_TOKEN }} password: ${{ secrets.G1T34_TOKEN }}
- name: Build and push - name: Build and push
id: docker_build
uses: docker/build-push-action@v5 uses: docker/build-push-action@v5
with: with:
context: . context: .
@@ -71,3 +72,12 @@ jobs:
PYTHON_VERSION=${{ steps.config.outputs.python_version }} PYTHON_VERSION=${{ steps.config.outputs.python_version }}
PYTHON_VERSION_SHORT=${{ steps.config.outputs.python_version_short }} PYTHON_VERSION_SHORT=${{ steps.config.outputs.python_version_short }}
RUNNER=${{ steps.config.outputs.runner }} RUNNER=${{ steps.config.outputs.runner }}
- name: 🛡️ Run Trivy Vulnerability Scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ steps.meta.outputs.tags }}
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITAL, HIGH'