kelly/qbt-gluetun-portmgr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding SAST
Build and Push Docker Image / build (push) Failing after 5m45s
Details

Browse Source
This commit is contained in:
Kelly Thomas Reardon
2026-05-10 21:45:55 -05:00
parent fa9a5ad430
commit 57c76771d4
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/docker-build.yaml
+14
View File
@@ -13,6 +13,20 @@ jobs:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@v0.36.0
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: 'trivy-results.sarif'
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v3