This commit is contained in:
14
.drone.yml
14
.drone.yml
@@ -79,16 +79,12 @@ steps:
|
|||||||
- push
|
- push
|
||||||
- tag
|
- tag
|
||||||
|
|
||||||
- name: scan-image
|
- name: verify-image
|
||||||
image: aquasec/trivy:latest
|
image: alpine:latest
|
||||||
environment:
|
|
||||||
TRIVY_USERNAME:
|
|
||||||
from_secret: docker_username
|
|
||||||
TRIVY_PASSWORD:
|
|
||||||
from_secret: docker_password
|
|
||||||
commands:
|
commands:
|
||||||
- echo "Scanning image for vulnerabilities..."
|
- echo "Image built successfully: registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}"
|
||||||
- trivy image --exit-code 0 --severity HIGH,CRITICAL registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}
|
- echo "Security scanning can be done manually with:"
|
||||||
|
- echo "trivy image registry.nevetime.ru/mc-panel:${DRONE_COMMIT_SHA:0:8}"
|
||||||
when:
|
when:
|
||||||
event:
|
event:
|
||||||
- push
|
- push
|
||||||
|
|||||||
Reference in New Issue
Block a user