Disable trivy

2026-01-18 09:44:26 +01:00
parent 8d2988f28f
commit e496b57dfd
1 changed files with 23 additions and 23 deletions
--- a/.forgejo/workflows/ci.yaml
+++ b/.forgejo/workflows/ci.yaml
@@ -66,29 +66,29 @@ jobs:
          echo "IMAGE_REF=${IMAGE_REF}" >> "${GITHUB_ENV}"
          docker build -t "${IMAGE_REF}" .

-      - name: Trivy scan (securecodebox)
-        run: |
-          docker run --rm \
-            -v /var/run/docker.sock:/var/run/docker.sock \
-            -v "${PWD}:/workspace" \
-            -w /workspace \
-            harbor.k8s.sk4.nz/docker-mirror/aquasec/trivy:latest \
-            image --no-progress --format json --output trivy-results.json "${IMAGE_REF}"
-
-      - name: Upload to DefectDojo
-        run: |
-          curl -sSf -X POST "${DEFECTDOJO_URL}/api/v2/import-scan/" \
-            -H "Authorization: Token ${DEFECTDOJO_API_KEY}" \
-            -F "scan_type=Trivy Scan" \
-            -F "minimum_severity=Low" \
-            -F "product_type_name=${DEFECTDOJO_PRODUCT_TYPE}" \
-            -F "product_name=${DEFECTDOJO_PRODUCT}" \
-            -F "engagement_name=${DEFECTDOJO_ENGAGEMENT}" \
-            -F "file=@trivy-results.json" \
-            -F "verified=true" \
-            -F "active=true"
-        env:
-          DEFECTDOJO_API_KEY: ${{ secrets.DEFECTDOJO_API_KEY }}
+#      - name: Trivy scan (securecodebox)
+#        run: |
+#          docker run --rm \
+#            -v /var/run/docker.sock:/var/run/docker.sock \
+#            -v "${PWD}:/workspace" \
+#            -w /workspace \
+#            harbor.k8s.sk4.nz/docker-mirror/aquasec/trivy:latest \
+#            image --no-progress --format json --output trivy-results.json "${IMAGE_REF}"
+#
+#      - name: Upload to DefectDojo
+#        run: |
+#          curl -sSf -X POST "${DEFECTDOJO_URL}/api/v2/import-scan/" \
+#            -H "Authorization: Token ${DEFECTDOJO_API_KEY}" \
+#            -F "scan_type=Trivy Scan" \
+#            -F "minimum_severity=Low" \
+#            -F "product_type_name=${DEFECTDOJO_PRODUCT_TYPE}" \
+#            -F "product_name=${DEFECTDOJO_PRODUCT}" \
+#            -F "engagement_name=${DEFECTDOJO_ENGAGEMENT}" \
+#            -F "file=@trivy-results.json" \
+#            -F "verified=true" \
+#            -F "active=true"
+#        env:
+#          DEFECTDOJO_API_KEY: ${{ secrets.DEFECTDOJO_API_KEY }}

      - name: Login to registry (push)
        run: |