fix: use docker image for trivy vulnerability scanner

fix! added directive to Dockerfile
2025-12-22 11:38:35 +01:00 · 2025-12-22 11:37:48 +01:00
2 changed files with 7 additions and 8 deletions
@@ -74,13 +74,11 @@ jobs:
            RUNNER=${{ steps.config.outputs.runner }}
      - name: 🛡️ Run Trivy Vulnerability Scanner
-        uses: aquasecurity/trivy-action@master
+        uses: docker://aquasec/trivy:latest
        env:
          TRIVY_USERNAME: ${{ gitea.actor }}
          TRIVY_PASSWORD: ${{ secrets.G1T34_TOKEN }}
          # Unset the fake GITHUB_TOKEN injected by Gitea
          GITHUB_TOKEN: ""
        with:
-          image-ref: ${{ steps.meta.outputs.tags }}
+          args: image --format table --exit-code 1 --ignore-unfixed --severity CRITICAL,HIGH gitea.iswearihadsomethingforthis.net/francwa/${{ steps.config.outputs.image_name }}:latest
          format: 'table'
          exit-code: '1'
          ignore-unfixed: true
          severity: 'CRITAL, HIGH'
@@ -1,5 +1,6 @@
-# Dockerfile for Agent Media
+# syntax=docker/dockerfile:1
-# Multi-stage build for smaller image size
+# check=skip=InvalidDefaultArgInFrom
 ARG PYTHON_VERSION
 ARG PYTHON_VERSION_SHORT
 ARG RUNNER
Author	SHA1	Message	Date
francwa	8a87d94e6d	fix: use docker image for trivy vulnerability scanner CI/CD Awesome Pipeline / Test (push) Successful in 1m23s Details CI/CD Awesome Pipeline / Build & Push to Registry (push) Failing after 5m9s Details	2025-12-22 11:38:35 +01:00
francwa	ec99a501fc	fix! added directive to Dockerfile	2025-12-22 11:37:48 +01:00