From 1cebfa83c343fdaf46c990e08ab7df7e5064635f Mon Sep 17 00:00:00 2001
From: hangpersonal
Date: Sat, 18 Oct 2025 15:29:30 -0700
Subject: [PATCH] Add .gitea/workflows/*.yaml
---
 .gitea/workflows/010_ci_docker_image.yaml | 22 +++++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/.gitea/workflows/010_ci_docker_image.yaml b/.gitea/workflows/010_ci_docker_image.yaml
index d0a8233..c339ff2 100644
--- a/.gitea/workflows/010_ci_docker_image.yaml
+++ b/.gitea/workflows/010_ci_docker_image.yaml
@@ -103,18 +103,18 @@ jobs:
 with:
 name: image
 path: /tmp
- - name: Load image
+ - name: Scan saved image tar with Trivy via Docker
 run: |
- docker load --input /tmp/image.tar
- docker image ls -a
- - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@0.28.0
- with:
- image-ref: ${{ inputs.image-name }}:${{ inputs.image-tag }}
- format: 'json'
- output: 'trivy-results.json'
- severity: 'CRITICAL,HIGH'
- cache: 'false' # Disable built-in cache
+ pwd
+ docker run --rm \
+ -v /tmp:/tmp \
+ -v "$PWD":/work \
+ aquasec/trivy:0.52.2 image \
+ --input /tmp/image.tar \
+ --format json \
+ --output /work/trivy-results.json \
+ --severity CRITICAL,HIGH \
+ --ignore-unfixed
 - name: Upload results
 uses: actions/upload-artifact@v3
 with:
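Review bot: The new `--ignore-unfixed` flag on the `docker run` command leaves every CRITICAL/HIGH finding without a published fix out of `trivy-results.json`, and the removed `trivy-action` step set no such option in its visible inputs, so the uploaded report becomes narrower with no comment explaining why. Either drop the flag or document it above the step, for example `# --ignore-unfixed: report only findings that have a fix available; unfixed ones are reviewed separately`. The scanner image is referenced by a mutable tag; pinning it as `aquasec/trivy:0.52.2@sha256:<digest-of-the-reviewed-image>` keeps the job from silently running a different binary, and the tar can be mounted read-only with `-v /tmp/image.tar:/tmp/image.tar:ro` instead of sharing all of `/tmp` read-write. The command also sets no `--exit-code`, so the step presumably succeeds whatever is found; whether a later step gates on the JSON is not visible here, because the job's step list starts above this hunk and continues past it.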