MyShaarli/.github/workflows
nodiscc d48e06f438
run trivy vulnerability scanner on the 'latest' docker image
- run trivy from makefile so that it can be run both locally and through github actions
- usage: make test_trivy TRIVY_TARGET_DOCKER_IMAGE=regist.ry/user/image:tag
- tested by downgrading the base image to alpine 3.15.7 and verifying that vulnerabilities are reported (https://github.com/nodiscc/Shaarli/actions/runs/4860040980/jobs/8663400103)
- TEMP/TESTING only push image to ghcr.io, run trivy on trivy branch/docker tag as well as master
- ref. https://github.com/shaarli/Shaarli/issues/1531
2023-05-02 12:24:50 +02:00
..
ci.yml Drop support for PHP 7.1, 7.2 and 7.3 2023-03-18 14:27:41 -04:00
docker-latest.yml run trivy vulnerability scanner on the 'latest' docker image 2023-05-02 12:24:50 +02:00
docker-tags.yml github actions: build OCI images that contin both amd64 and armv7 2023-03-21 18:10:37 +01:00