d48e06f438
- run trivy from makefile so that it can be run both locally and through github actions - usage: make test_trivy TRIVY_TARGET_DOCKER_IMAGE=regist.ry/user/image:tag - tested by downgrading the base image to alpine 3.15.7 and verifying that vulnerabilities are reported (https://github.com/nodiscc/Shaarli/actions/runs/4860040980/jobs/8663400103) - TEMP/TESTING only push image to ghcr.io, run trivy on trivy branch/docker tag as well as master - ref. https://github.com/shaarli/Shaarli/issues/1531 |
||
---|---|---|
.. | ||
ci.yml | ||
docker-latest.yml | ||
docker-tags.yml |