Add .gitea/workflows/*.yaml

2025-10-18 15:29:30 -07:00
parent 091411890b
commit 1cebfa83c3
1 changed files with 11 additions and 11 deletions
--- a/.gitea/workflows/010_ci_docker_image.yaml
+++ b/.gitea/workflows/010_ci_docker_image.yaml
@@ -103,18 +103,18 @@ jobs:
        with:
          name: image
          path: /tmp
-      - name: Load image
+      - name: Scan saved image tar with Trivy via Docker
        run: |
-          docker load --input /tmp/image.tar
-          docker image ls -a
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.28.0
-        with:
-          image-ref: ${{ inputs.image-name }}:${{ inputs.image-tag }}
-          format: 'json'
-          output: 'trivy-results.json'
-          severity: 'CRITICAL,HIGH'
-          cache: 'false' # Disable built-in cache
+          pwd
+          docker run --rm \
+            -v /tmp:/tmp \
+            -v "$PWD":/work \
+            aquasec/trivy:0.52.2 image \
+            --input /tmp/image.tar \
+            --format json \
+            --output /work/trivy-results.json \
+            --severity CRITICAL,HIGH \
+            --ignore-unfixed
      - name: Upload results
        uses: actions/upload-artifact@v3
        with: