diff --git a/.gitea/workflows/010_ci_docker_image.yaml b/.gitea/workflows/010_ci_docker_image.yaml
index f02da84..9efe946 100644
--- a/.gitea/workflows/010_ci_docker_image.yaml
+++ b/.gitea/workflows/010_ci_docker_image.yaml
@@ -15,10 +15,10 @@ jobs:
 steps:
 - name: Checkout source code
 uses: actions/checkout@v4
- - name: Install Python 3.10.12
+ - name: Install Python 3.10
 uses: actions/setup-python@v4
 with:
- python-version: '3.10.12'
+ python-version: '3.10'
 - name: Install tox
 run: pip install tox
 - name: Run lint
@@ -31,10 +31,10 @@ jobs:
 steps:
 - name: Checkout source code
 uses: actions/checkout@v4
- - name: Install Python 3.10.12
+ - name: Install Python 3.10
 uses: actions/setup-python@v4
 with:
- python-version: '3.10.12'
+ python-version: '3.10'
 - name: Install tox
 run: pip install tox
 - name: Run unit tests
@@ -78,35 +78,7 @@ jobs:
 run: |
 docker load --input /tmp/image.tar
 docker image ls -a
- docker run -p 8080:80 -d ${{ vars.IMAGE }}:${{ inputs.image-tag }}
- sleep 5
- curl --fail 'http://localhost:8080/'
-
- vulnerability-scan:
- runs-on: ubuntu-22.04
- needs: [build-image]
- steps:
- - name: Download artifact
- uses: actions/download-artifact@v3
- with:
- name: image
- path: /tmp
- - name: Load image
- run: |
- docker load --input /tmp/image.tar
- docker image ls -a
- - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@master
- with:
- image-ref: ${{ vars.IMAGE }}:${{ inputs.image-tag }}
- format: 'json'
- output: 'trivy-results.json'
- severity: 'CRITICAL,HIGH'
- - name: Upload results
- uses: actions/upload-artifact@v3
- with:
- name: trivy-results
- path: ${{ github.workspace }}/trivy-results.json
+ docker run --rm ${{ vars.IMAGE }}:${{ inputs.image-tag }}

 publish-image:
 runs-on: ubuntu-22.04
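Review bot: In the third hunk, the new smoke-test line `docker run --rm ${{ vars.IMAGE }}:${{ inputs.image-tag }}` still expands `inputs.image-tag` into the script text before the shell parses it, so a tag value containing shell metacharacters would be executed on the runner instead of being treated as a tag. Pass both values through the step's `env:` (`IMAGE: ${{ vars.IMAGE }}` and `IMAGE_TAG: ${{ inputs.image-tag }}`) and run `docker run --rm "$IMAGE:$IMAGE_TAG"`. The step also no longer checks that the container answers a request, and without `-d` it will block until the container exits if the image starts a long-running server, which the removed `-p 8080:80` and `curl --fail` lines suggest it does. With the `vulnerability-scan` job deleted, nothing visible in this workflow records CRITICAL/HIGH findings for the image before `publish-image`; if the scan now lives in another workflow, the commit message should say where. The step definition and the `publish-image` job both continue outside the hunk, so its `needs:` list could not be checked.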