heckyel/hyperbola-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

.gitea: set Trivy DB from AWS
Some checks failed
git-sync-with-mirror / git-sync (push) Successful in 24s
Details
release / release-default (push) Failing after 11m24s
Details

Browse Source
This commit is contained in:
Jesus 2024-10-13 02:10:07 +08:00
parent 1673c569e6
commit a81f7d3186
Signed by: heckyel
GPG Key ID: 531E723EED721D7C
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitea/workflows/release.yaml
View File

@ -88,7 +88,7 @@ jobs:
${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:v${{ steps.meta.outputs.IMAGE_VERSION }} ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:v${{ steps.meta.outputs.IMAGE_VERSION }}
- name: Run Trivy vulnerability scanner - name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master uses: aquasecurity/trivy-action@0.27.0
with: with:
image-ref: ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:latest image-ref: ${{ secrets.DOCKER_REGISTRY_USER}}/hypermirror:latest
format: 'table' format: 'table'
@ -96,6 +96,11 @@ jobs:
ignore-unfixed: true ignore-unfixed: true
vuln-type: 'os' vuln-type: 'os'
severity: 'CRITICAL,HIGH' severity: 'CRITICAL,HIGH'
env:
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
TRIVY_SKIP_DB_UPDATE: false
TRIVY_SKIP_JAVA_DB_UPDATE: false
- name: Push Docker image - name: Push Docker image
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6