7 Commits
1.1.0 ... 1.1.2

Author SHA1 Message Date
fcd1ee55a8 revert pandas to 2.3.2 for streamlit
Some checks failed
trivy-scan-image / trivy_image_scan (push) Failing after 1m33s
trivy-scan-image / telegram-notify (push) Successful in 1s
build-image / release-image (push) Successful in 8m44s
2026-03-13 18:24:31 +01:00
fc0244cc22 update requirements.txt
Some checks failed
build-image / release-image (push) Failing after 51s
2026-03-13 18:20:07 +01:00
f29fb3ae44 build and push when tag is set 2026-03-13 18:11:52 +01:00
96dbea735c add telegram_bot
Some checks failed
trivy-scan-image / trivy_image_scan (push) Failing after 1m16s
trivy-scan-image / telegram-notify (push) Successful in 2s
2026-02-22 20:50:41 +01:00
8a3e9956e9 scan only for high and critical 2026-02-21 11:11:00 +01:00
6126680562 image-scan for all build-platforms
Some checks failed
trivy-scan-image / trivy_image_scan (push) Failing after 1m17s
apt-get upgrade in Dockerfile
2026-02-15 14:57:30 +01:00
4e8ac6f21a image-scan for all build-platforms
apt-get upgrade in Dockerfile
2026-02-15 14:56:46 +01:00
4 changed files with 46 additions and 12 deletions


@@ -1,13 +1,10 @@
name: build-image name: build-image
run-name: build and push Docker-Image run-name: build and push Docker-Image with tag:${{ github.ref_name }}
on: on:
workflow_dispatch: # Manuelles Auslösen des Workflows push:
inputs: tags:
image_tag: - "*"
description: '2. Tag für das Docker-Image (außer latest) (z.B. v1.0.0)'
required: true
default: '1.0.0'
env: env:
image_name: mysteryhelfer image_name: mysteryhelfer
@@ -47,7 +44,7 @@ jobs:
--file ./Dockerfile \ --file ./Dockerfile \
--platform linux/amd64,linux/arm64 \ --platform linux/amd64,linux/arm64 \
--tag ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:latest \ --tag ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:latest \
--tag ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ github.event.inputs.image_tag }} \ --tag ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ github.ref_name }} \
--tag ${{ env.user }}/${{ env.image_name }}:latest \ --tag ${{ env.user }}/${{ env.image_name }}:latest \
--tag ${{ env.user }}/${{ env.image_name }}:${{ github.event.inputs.image_tag }} \ --tag ${{ env.user }}/${{ env.image_name }}:${{ github.ref_name }} \
--push ./ --push ./
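Review bot: `${{ github.ref_name }}` is expanded into the `run:` script text before the shell sees it, so with the new `push: tags: "*"` trigger the tag name chosen by whoever pushes a tag becomes part of the command line in both `--tag` arguments. Git ref names can contain characters the shell interprets, and characters that are not valid in an image tag. I would pass the value through the step environment, `env:` with `IMAGE_TAG: ${{ github.ref_name }}`, and write `"$IMAGE_TAG"` in the two `--tag` lines. The step header and the start of the build command are outside this hunk, so the exact placement of `env:` is inferred. Every tag push also moves `latest`, including a tag created on an older commit.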


@@ -22,11 +22,48 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: aquasec/trivy:latest container: aquasec/trivy:latest
steps: steps:
- name: Scan image with trivy - name: Scan linux/amd64-image
run: | run: |
trivy image \ trivy image \
--exit-code 1 \ --exit-code 1 \
--scanners vuln,misconfig,secret \ --scanners vuln,misconfig,secret \
--severity MEDIUM,HIGH,CRITICAL \ --severity HIGH,CRITICAL \
--ignore-unfixed \ --ignore-unfixed \
--platform linux/amd64 \
${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }} ${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
- name: Scan linux/arm64-image
run: |
trivy image \
--exit-code 1 \
--scanners vuln,misconfig,secret \
--severity HIGH,CRITICAL \
--ignore-unfixed \
--platform linux/arm64 \
${{ env.registry_gitea }}/${{ env.user }}/${{ env.image_name }}:${{ env.image_tag }}
telegram-notify:
needs: trivy_image_scan
if: always()
runs-on: ubuntu-latest
steps:
- name: Telegram Alert
run: |
case "${{ needs.trivy_image_scan.result }}" in
"success") EMOJI="✅"; MSG="OK" ;;
"failure") EMOJI="❌"; MSG="WARN!" ;;
"cancelled") EMOJI="⏹️"; MSG="Canceled" ;;
*) EMOJI="❓"; MSG="Unknown-State: ${{ needs.trivy_image_scan.result }}" ;;
esac
curl -s -X POST "https://api.telegram.org/bot${{ secrets.TELEGRAM_BOT_TOKEN }}/sendMessage" \
-H 'Content-Type: application/json' \
-d "{
\"chat_id\": \"${{ secrets.TELEGRAM_CHAT_ID }}\",
\"parse_mode\": \"HTML\",
\"text\":
\"$EMOJI <b>$MSG - Scan ${{ env.image_name }}:${{ env.image_tag }}</b>
<i>$(date +"%Y-%m-%d %T")</i>
Trivy-Image-Scan of: <b><i>${{ env.image_name }}:${{ env.image_tag }}</i></b>
${{ gitea.server_url }}/${{ gitea.repository }}
\"
}"
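Review bot: The `Scan linux/arm64-image` step is skipped whenever `Scan linux/amd64-image` exits 1, because a failed step stops the remaining steps of the job by default, so the arm64 image goes unscanned on exactly the runs where findings exist. Adding `if: always()` to the arm64 step (the job still ends as failed), or moving the platform into a matrix with `fail-fast: false`, scans both. In `Telegram Alert`, `curl -s` without `--fail` returns 0 even when the API rejects the request, so the job can show success without a delivered message; the hand-built JSON body also has raw line breaks inside the `text` string, which a strict JSON parser may reject, so `--fail` plus `--data-urlencode` form fields would be more robust. The bot token is expanded into the script text as well; passing it and the chat id through `env:` keeps them out of the rendered script.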


@@ -7,8 +7,8 @@ LABEL description="tebarius Mysteryhelfer web"
ENV PYTHONDONTWRITEBYTECODE=1 ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1 ENV PYTHONUNBUFFERED=1
RUN apt-get update \ RUN apt-get update \
&& apt-get upgrade -y \
&& apt-get install -y --no-install-recommends curl \ && apt-get install -y --no-install-recommends curl \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
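Review bot: The added `apt-get upgrade -y` only pulls in fixes when this `RUN` layer is actually re-executed; if the builder reuses a cached layer or an old base image, the image ships whatever was current at the first build. The build command visible in the workflow shows no `--pull` or `--no-cache`, though its first lines are outside that hunk, so this is worth checking there. A comment above the `RUN`, for example `# upgrade picks up base-image fixes flagged by the trivy scan; build with --pull so this layer is not served stale`, would record why the line exists. The `FROM` line is outside this hunk, so whether the base image is pinned cannot be seen from here.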

Binary file not shown.