heckyel/gitolite-cgit-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

.gitea: set Trivy DB from AWS

Browse Source
This commit is contained in:
Jesus 2024-10-13 02:15:33 +08:00
parent f5351ce012
commit 92d5171f1f
Signed by: heckyel
GPG Key ID: 531E723EED721D7C
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitea/workflows/release.yaml
View File

@ -49,7 +49,7 @@ jobs:
rusian/gitolite-cgit:latest rusian/gitolite-cgit:latest
- name: Run Trivy vulnerability scanner - name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master uses: aquasecurity/trivy-action@0.27.0
with: with:
image-ref: rusian/gitolite-cgit:latest image-ref: rusian/gitolite-cgit:latest
format: 'table' format: 'table'
@ -57,6 +57,11 @@ jobs:
ignore-unfixed: true ignore-unfixed: true
vuln-type: 'os' vuln-type: 'os'
severity: 'CRITICAL,HIGH' severity: 'CRITICAL,HIGH'
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
TRIVY_SKIP_DB_UPDATE: false
TRIVY_SKIP_JAVA_DB_UPDATE: false
- name: Push Docker image - name: Push Docker image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6