From 893dfd4d56ecdb6c136dbd219bacc488aeab0682 Mon Sep 17 00:00:00 2001
From: tebarius
Date: Sun, 15 Feb 2026 14:00:53 +0100
Subject: [PATCH] add triviy-imagge-scan-job for all platforms
---
 .gitea/workflows/trivy_scan_image.yml | 36 ++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/.gitea/workflows/trivy_scan_image.yml b/.gitea/workflows/trivy_scan_image.yml
index e6c4089..f31c479 100644
--- a/.gitea/workflows/trivy_scan_image.yml
+++ b/.gitea/workflows/trivy_scan_image.yml
@@ -22,7 +22,7 @@ jobs:
 runs-on: ubuntu-latest
 container: aquasec/trivy:latest
 steps:
- - name: Scan image with trivy
+ - name: Scan linux/amd64-image
 run: |
 trivy image \
 --username ${{ env.user }} \
@@ -31,4 +31,38 @@ jobs:
 --scanners vuln,misconfig,secret \
 --severity HIGH,CRITICAL \
 --ignore-unfixed \
+ --platform linux/amd64 \
+ ${{ env.registry }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
+ - name: Scan linux/386-image
+ run: |
+ trivy image \
+ --username ${{ env.user }} \
+ --password ${{ secrets.DOCKER_PULL_TOKEN }} \
+ --exit-code 1 \
+ --scanners vuln,misconfig,secret \
+ --severity HIGH,CRITICAL \
+ --ignore-unfixed \
+ --platform linux/386 \
+ ${{ env.registry }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
+ - name: Scan linux/arm64-image
+ run: |
+ trivy image \
+ --username ${{ env.user }} \
+ --password ${{ secrets.DOCKER_PULL_TOKEN }} \
+ --exit-code 1 \
+ --scanners vuln,misconfig,secret \
+ --severity HIGH,CRITICAL \
+ --ignore-unfixed \
+ --platform linux/arm64 \
+ ${{ env.registry }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
+ - name: Scan linux/arm/v7-image
+ run: |
+ trivy image \
+ --username ${{ env.user }} \
+ --password ${{ secrets.DOCKER_PULL_TOKEN }} \
+ --exit-code 1 \
+ --scanners vuln,misconfig,secret \
+ --severity HIGH,CRITICAL \
+ --ignore-unfixed \
+ --platform linux/arm/v7 \
 ${{ env.registry }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
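Review bot: The four scan steps in the second hunk run one after another and each new one uses `--exit-code 1`, so a HIGH/CRITICAL finding on linux/amd64 ends the job before linux/386, linux/arm64 and linux/arm/v7 are scanned, and findings for those platforms stay unseen until the earlier ones are clean. Adding `if: always()` to the three new steps (or collapsing the copies into one step under a `strategy.matrix` over the platforms with `fail-fast: false`) keeps the job failing while still scanning every platform, provided the Gitea runner honours those keys. Each new step also repeats `--password ${{ secrets.DOCKER_PULL_TOKEN }}`, which places the token on the trivy command line; Trivy reads registry credentials from the environment, so a step-level `env:` with `TRIVY_USERNAME: ${{ env.user }}` and `TRIVY_PASSWORD: ${{ secrets.DOCKER_PULL_TOKEN }}` lets both flags be dropped. The first step's `--password` and `--exit-code` lines and the job's `env` block sit between or outside the two hunks, so their content is inferred from the repeated pattern.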