mirror of
https://github.com/tommytran732/Matrix.to-Docker
synced 2024-11-23 18:21:33 -05:00
Use Ubuntu 24.04 runners
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
4f6053a6bb
commit
d54e386a39
22
.github/workflows/build.yml
vendored
22
.github/workflows/build.yml
vendored
@ -19,7 +19,7 @@ env:
|
|||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
name: Build & push new image
|
name: Build & push new image
|
||||||
runs-on: "ubuntu-latest"
|
runs-on: ubuntu-24.04
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
packages: write
|
packages: write
|
||||||
@ -72,36 +72,36 @@ jobs:
|
|||||||
needs: build
|
needs: build
|
||||||
permissions:
|
permissions:
|
||||||
security-events: write
|
security-events: write
|
||||||
runs-on: "ubuntu-latest"
|
runs-on: "ubuntu-24.04"
|
||||||
steps:
|
steps:
|
||||||
- name: Run Trivy vulnerability scanner
|
- name: Run Trivy vulnerability scanner
|
||||||
uses: aquasecurity/trivy-action@master
|
uses: aquasecurity/trivy-action@master
|
||||||
with:
|
with:
|
||||||
image-ref: 'ghcr.io/tommytran732/matrix.to'
|
image-ref: ghcr.io/tommytran732/matrix.to
|
||||||
format: 'template'
|
format: template
|
||||||
template: '@/contrib/sarif.tpl'
|
template: '@/contrib/sarif.tpl'
|
||||||
output: 'trivy-results.sarif'
|
output: trivy-results.sarif
|
||||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
|
||||||
vuln-type: "os,library"
|
vuln-type: os,library
|
||||||
|
|
||||||
- name: Upload Trivy scan results to GitHub Security tab
|
- name: Upload Trivy scan results to GitHub Security tab
|
||||||
uses: github/codeql-action/upload-sarif@v3
|
uses: github/codeql-action/upload-sarif@v3
|
||||||
with:
|
with:
|
||||||
sarif_file: 'trivy-results.sarif'
|
sarif_file: trivy-results.sarif
|
||||||
category: 'trivy'
|
category: trivy
|
||||||
|
|
||||||
grype:
|
grype:
|
||||||
name: Scan current image with Grype
|
name: Scan current image with Grype
|
||||||
needs: build
|
needs: build
|
||||||
permissions:
|
permissions:
|
||||||
security-events: write
|
security-events: write
|
||||||
runs-on: "ubuntu-latest"
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Run Grype vulnerability scanner
|
- name: Run Grype vulnerability scanner
|
||||||
uses: anchore/scan-action@v4
|
uses: anchore/scan-action@v4
|
||||||
id: grype
|
id: grype
|
||||||
with:
|
with:
|
||||||
image: "ghcr.io/tommytran732/matrix.to"
|
image: ghcr.io/tommytran732/matrix.to
|
||||||
fail-build: false
|
fail-build: false
|
||||||
|
|
||||||
- name: Upload Grype scan results to GitHub Security tab
|
- name: Upload Grype scan results to GitHub Security tab
|
||||||
|
Loading…
Reference in New Issue
Block a user