feat: finalized CI/CD pipeline setup

2025-12-22 11:59:36 +01:00
parent 8a87d94e6d
commit 974d008825
1 changed files with 12 additions and 8 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -2,11 +2,10 @@ name: CI/CD Awesome Pipeline

 on:
  push:
-    branches: [main]
    tags:
      - 'v*.*.*'
-  pull_request:
-    branches: [main]
+
+workflow_dispatch:

 env:
  REGISTRY_URL: ${{ vars.REGISTRY_URL || 'gitea.iswearihadsomethingforthis.net' }}
@@ -45,12 +44,10 @@ jobs:
        with:
          images: gitea.iswearihadsomethingforthis.net/francwa/${{ steps.config.outputs.image_name }}
          tags: |
-            # Case 1 - Git Tag (v1.2.3)
+            # Tagged (v1.2.3)
            type=semver,pattern={{ version }}
-            # Case 2 - Push on main
+            # Latest
            type=raw,value=latest,enable={{ is_default_branch }}
-            # Both case - Commit sha
-            type=sha

      - name: Login to Gitea Registry
        uses: docker/login-action@v3
@@ -81,4 +78,11 @@ jobs:
          # Unset the fake GITHUB_TOKEN injected by Gitea
          GITHUB_TOKEN: ""
        with:
-          args: image --format table --exit-code 1 --ignore-unfixed --severity CRITICAL,HIGH gitea.iswearihadsomethingforthis.net/francwa/${{ steps.config.outputs.image_name }}:latest
+          args: image --format table --output trivy-report.txt --exit-code 0 --ignore-unfixed --severity CRITICAL,HIGH gitea.iswearihadsomethingforthis.net/francwa/${{ steps.config.outputs.image_name }}:latest
+
+      - name: 📤 Upload Security Report
+        uses: actions/upload-artifact@v4
+        with:
+          name: security-report
+          path: trivy-report.txt
+          retention-days: 7