From 4e8ac6f21af3fe267e371879b711538aacf1209a Mon Sep 17 00:00:00 2001
From: tebarius
Date: Sun, 15 Feb 2026 14:56:46 +0100
Subject: [PATCH] image-scan for all build-platforms agt-get upgrade in Dockerfile
---
 .gitea/workflows/trivy_image_scan.yml | 14 +++++++++++++-
 Dockerfile | 2 +-
 2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/.gitea/workflows/trivy_image_scan.yml b/.gitea/workflows/trivy_image_scan.yml
index 508934b..abd30f2 100644
--- a/.gitea/workflows/trivy_image_scan.yml
+++ b/.gitea/workflows/trivy_image_scan.yml
@@ -22,11 +22,23 @@ jobs:
 runs-on: ubuntu-latest
 container: aquasec/trivy:latest
 steps:
- - name: Scan image with trivy
+ - name: Scan linux/amd64-image
+ run: |
+ trivy image \
+ --exit-code 1 \
+ --scanners vuln,misconfig,secret \
+ --severity HIGH,CRITICAL \
+ --ignore-unfixed \
+ --platform linux/amd64 \
+ ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
+ - name: Scan linux/arm64-image
 run: |
 trivy image \
 --exit-code 1 \
 --scanners vuln,misconfig,secret \
 --severity MEDIUM,HIGH,CRITICAL \
 --ignore-unfixed \
+ --platform linux/arm64 \
 ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
+
+,
diff --git a/Dockerfile b/Dockerfile
index 18f0999..f3dcbc9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,8 +7,8 @@ LABEL description="tebarius Mysteryhelfer web"
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
-
 RUN apt-get update \
+ && apt-get upgrade -y \
 && apt-get install -y --no-install-recommends curl \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/*
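Review bot: The two scan steps gate on different severity sets: the new linux/amd64 step passes `--severity HIGH,CRITICAL`, while the linux/arm64 step keeps the previous `--severity MEDIUM,HIGH,CRITICAL`, so a MEDIUM finding fails the job for one platform and passes unnoticed on the other. Unless that difference is deliberate, use the same value in both steps, e.g. `--severity MEDIUM,HIGH,CRITICAL \` in the amd64 step. The hunk also appends a blank line and a line containing only `,` at the end of the file; its indentation is not recoverable from this view, but inside the `run: |` block it would be executed as a shell command and outside it the workflow would probably fail to parse, so it should be removed.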
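Review bot: The added `&& apt-get upgrade -y \` only pulls in fixed packages when this RUN layer is actually re-executed; if the build reuses a cached layer, the image keeps the package versions from the first build, and the trivy gate result then depends on cache state. The build command is not part of this patch, so confirm that the scanned image is built with `--pull --no-cache` or an equivalent cache bust. I would also add a comment above the RUN line, `# upgrade base packages so fixed CVEs are picked up at build time; requires an uncached build`, because the upgrade makes the package set depend on the build date rather than on the base image tag.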