steve
/
geoserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #40 from hwbllmnn/trivy-scan 

Add trivy scan
pull/41/head
Nils Bühner 2023-12-20 11:43:48 +01:00 committed by GitHub
parent 493e819734 681267fcb6
commit 1402569b5a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.github/workflows/trivy.yml vendored 100644
View File

@ -0,0 +1,23 @@
name: build
on:
push:
branches:
- master
jobs:
build:
name: Build
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Build image
run: docker build -t geoserver-docker.osgeo.org/geoserver:${{ github.sha }} .
- name: Run trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: 'geoserver-docker.osgeo.org/geoserver:${{ github.sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'