steve
/
geoserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(deps): pin dependencies

pull/65/head
renovate[bot] 2024-07-30 10:01:36 +00:00 committed by GitHub
parent 9ae7c75cc4
commit 83d131be39
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/trivy.yml vendored
View File

@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Build image
run: docker build -t geoserver-docker.osgeo.org/geoserver:${{ github.sha }} .
- name: Run trivy
@ -22,6 +22,6 @@ jobs:
severity: 'CRITICAL,HIGH'
vuln-type: 'os,library'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@3e0e84636c6f5df46a2cb232ae1dd1384713150d # v2
with:
sarif_file: 'trivy-results.sarif'

2
Dockerfile
View File

@ -1,4 +1,4 @@
FROM tomcat:9.0.91-jdk11-temurin-jammy
FROM tomcat:9.0.91-jdk11-temurin-jammy@sha256:773822dc3543ae612d1710fe68ea4d21455edde94aa0ad216c3d769723b53c42
LABEL vendor="osgeo.org"
# Build arguments

2
docker-compose-demo.yml
View File

@ -29,7 +29,7 @@ services:
retries: 3
timeout: 20s
postgis:
image: postgis/postgis:16-3.4-alpine
image: postgis/postgis:16-3.4-alpine@sha256:5cc92acec6cb62b56e55f5b74d065f29c1ebfc9a6e7edc8b443b9f9d17edab0d
ports:
- "5555:5432"
environment: