diff --git a/.gitea/workflows/docker-build.yaml b/.gitea/workflows/docker-build.yaml
index 68039d8..2bfc475 100644
--- a/.gitea/workflows/docker-build.yaml
+++ b/.gitea/workflows/docker-build.yaml
@@ -8,27 +8,27 @@ on:
 jobs:
 build:
 runs-on: ubuntu-latest
- permissions:
- contents: read # Required to checkout and read repo files
- security-events: write # Required to upload SARIF files to Security tab
+ # permissions:
+ # contents: read # Required to checkout and read repo files
+ # security-events: write # Required to upload SARIF files to Security tab
 steps:
 - name: Checkout
 uses: actions/checkout@v4
- - name: Run Trivy vulnerability scanner in repo mode
- uses: aquasecurity/trivy-action@v0.36.0
- with:
- scan-type: 'fs'
- ignore-unfixed: true
- format: 'sarif'
- output: 'trivy-results.sarif'
- severity: 'CRITICAL,HIGH'
+ # - name: Run Trivy vulnerability scanner in repo mode
+ # uses: aquasecurity/trivy-action@v0.36.0
+ # with:
+ # scan-type: 'fs'
+ # ignore-unfixed: true
+ # format: 'sarif'
+ # output: 'trivy-results.sarif'
+ # severity: 'CRITICAL,HIGH'
- - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v4
- with:
- sarif_file: 'trivy-results.sarif'
+ # - name: Upload Trivy scan results to GitHub Security tab
+ # uses: github/codeql-action/upload-sarif@v4
+ # with:
+ # sarif_file: 'trivy-results.sarif'
 - name: Set up Docker Buildx
 uses: docker/setup-buildx-action@v3
diff --git a/Dockerfile b/Dockerfile
index 23b8917..3b3d298 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,13 @@
 FROM mcr.microsoft.com/powershell
+USER 1000:1000
+
 ENV SCHEDULE=60
 ENV GLUETUNFORWARDEDPORTFILE="/tmp/forwarded_port"
 VOLUME /tmp
 WORKDIR /data
-ADD ["Start-QBTGluetunPortMgr.ps1", "/data/"]
+COPY ["Start-QBTGluetunPortMgr.ps1", "/data/"]
 ENTRYPOINT ["pwsh", "-Command", "/data/Start-QBTGluetunPortMgr.ps1"]
\ No newline at end of file
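Review bot: Commenting out the Trivy step removes the only vulnerability gate visible in this job, even though only the `github/codeql-action/upload-sarif@v4` step depends on a GitHub Security tab. The scan itself could stay and fail the build on findings by changing its inputs to `format: 'table'` and `exit-code: '1'` and dropping `output:`. The `permissions:` block is better deleted than parked as a comment, or kept as `contents: read` alone if the runner honours the key, which is not visible here. The actions in this job are referenced by mutable tags (`@v4`, `@v0.36.0`, `@v3`), so pinning them to full commit SHAs would be a sensible follow-up; the job's remaining steps continue outside the hunk.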
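Review bot: `COPY` without `--chown` leaves `/data/Start-QBTGluetunPortMgr.ps1` owned by root while the new `USER 1000:1000` runs it, which is a useful property (the runtime user cannot rewrite the script) but is undocumented. A comment such as `# Script stays root-owned on purpose; uid 1000 only needs read access` above the `COPY` would keep a later `--chown=1000:1000` from undoing it. Nothing in the hunk shows that uid 1000 can read the file named by `GLUETUNFORWARDEDPORTFILE` on the shared `/tmp` volume, or that it has a writable home for pwsh, so both should be confirmed with a test run. The base image on the `FROM` line is untagged, so each build pulls whatever the default tag currently points to; `FROM mcr.microsoft.com/powershell:<tag>@sha256:<digest>` (placeholders) would make the hardened image reproducible.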