k1nq/TREK
1
0
Fork 0
mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-19 05:11:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f92b95e0546599f936b88dea5cd8fa1164eaa6cb
TREK/.github/workflows/security.yml
T
jubnl f92b95e054 fix(ci): move ACT guards to step level; add guards to security.yml 
env context is invalid in job-level if conditions — moved all ACT
guards down to individual steps. Also guards docker login + scout
in security.yml so act can run the build-only part of that workflow.
2026-05-25 21:10:36 +02:00

40 lines
791 B
YAML
Raw Blame History

name: Security Scan
on:
pull_request:
branches: [main]
push:
branches: [main]
permissions:
pull-requests: write
jobs:
scout:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v5
with:
context: .
push: false
load: true
tags: trek:scan
- uses: docker/login-action@v3
if: ${{ !env.ACT }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- uses: docker/scout-action@v1
if: ${{ !env.ACT }}
with:
command: cves
image: trek:scan
only-severities: critical,high
exit-code: true
Reference in New Issue View Git Blame Copy Permalink