updating dockerfile for best practices

2026-05-10 22:34:59 -05:00
parent 8d37b966ae
commit 5cc265583d
3 changed files with 20 additions and 1 deletions
@@ -13,6 +13,20 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v4

+      # - name: Run Trivy vulnerability scanner in repo mode
+      #   uses: aquasecurity/trivy-action@v0.36.0
+      #   with:
+      #     scan-type: 'fs'
+      #     ignore-unfixed: true
+      #     format: 'sarif'
+      #     output: 'trivy-results.sarif'
+      #     severity: 'CRITICAL'
+
+      # - name: Upload Trivy scan results to GitHub Security tab
+      #   uses: github/codeql-action/upload-sarif@v4
+      #   with:
+      #     sarif_file: 'trivy-results.sarif'
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3