sk4nz/skz-genesis-actions
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable trivy

Browse Source
This commit is contained in:
Samuel Aubertin
2026-01-18 09:44:26 +01:00
parent 8d2988f28f
commit e496b57dfd
1 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
.forgejo/workflows/ci.yaml
View File

@@ -66,29 +66,29 @@ jobs:
echo "IMAGE_REF=${IMAGE_REF}" >> "${GITHUB_ENV}" echo "IMAGE_REF=${IMAGE_REF}" >> "${GITHUB_ENV}"
docker build -t "${IMAGE_REF}" . docker build -t "${IMAGE_REF}" .
- name: Trivy scan (securecodebox) # - name: Trivy scan (securecodebox)
run: | # run: |
docker run --rm \ # docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \ # -v /var/run/docker.sock:/var/run/docker.sock \
-v "${PWD}:/workspace" \ # -v "${PWD}:/workspace" \
-w /workspace \ # -w /workspace \
harbor.k8s.sk4.nz/docker-mirror/aquasec/trivy:latest \ # harbor.k8s.sk4.nz/docker-mirror/aquasec/trivy:latest \
image --no-progress --format json --output trivy-results.json "${IMAGE_REF}" # image --no-progress --format json --output trivy-results.json "${IMAGE_REF}"
#
- name: Upload to DefectDojo # - name: Upload to DefectDojo
run: | # run: |
curl -sSf -X POST "${DEFECTDOJO_URL}/api/v2/import-scan/" \ # curl -sSf -X POST "${DEFECTDOJO_URL}/api/v2/import-scan/" \
-H "Authorization: Token ${DEFECTDOJO_API_KEY}" \ # -H "Authorization: Token ${DEFECTDOJO_API_KEY}" \
-F "scan_type=Trivy Scan" \ # -F "scan_type=Trivy Scan" \
-F "minimum_severity=Low" \ # -F "minimum_severity=Low" \
-F "product_type_name=${DEFECTDOJO_PRODUCT_TYPE}" \ # -F "product_type_name=${DEFECTDOJO_PRODUCT_TYPE}" \
-F "product_name=${DEFECTDOJO_PRODUCT}" \ # -F "product_name=${DEFECTDOJO_PRODUCT}" \
-F "engagement_name=${DEFECTDOJO_ENGAGEMENT}" \ # -F "engagement_name=${DEFECTDOJO_ENGAGEMENT}" \
-F "file=@trivy-results.json" \ # -F "file=@trivy-results.json" \
-F "verified=true" \ # -F "verified=true" \
-F "active=true" # -F "active=true"
env: # env:
DEFECTDOJO_API_KEY: ${{ secrets.DEFECTDOJO_API_KEY }} # DEFECTDOJO_API_KEY: ${{ secrets.DEFECTDOJO_API_KEY }}
- name: Login to registry (push) - name: Login to registry (push)
run: | run: |