From ed4bc37f68f7707de2eccdf4255c04652423bf0a Mon Sep 17 00:00:00 2001
From: tebarius <tba@gmx.li>
Date: Sat, 13 Dec 2025 22:31:16 +0100
Subject: [PATCH] imagescan_action

---
 .gitea/workflows/trivy_scan_image.yml | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/trivy_scan_image.yml b/.gitea/workflows/trivy_scan_image.yml
index f960fdd..30a1ba1 100644
--- a/.gitea/workflows/trivy_scan_image.yml
+++ b/.gitea/workflows/trivy_scan_image.yml
@@ -14,12 +14,17 @@ env:
   user: tebarius
 
 jobs:
-  release-image:
+  trivy_cimage_scan:
     runs-on: ubuntu-latest
     container: aquasec/trivy:latest
     steps:
       - name: Scan image with trivy
         run: |
-          trivy image --username ${{ env.user }} --password ${{ secrets.DOCKER_PULL_TOKEN }} --exit-code 1 \
+          trivy image \
+          --username ${{ env.user }} \
+          --password ${{ secrets.DOCKER_PULL_TOKEN }} \
+          --exit-code 1 \
           --scanners vuln,misconfig,secret \
+          --severity MEDIUM,HIGH,CRITICAL \
+          --ignore-unfixed \
           ${{ env.registry }}/${{ env.user }}/${{ env.image_name }}:${{ github.event.inputs.image_tag }}