2024-04-22 14:28:38 +02:00
|
|
|
when:
|
|
|
|
|
- event: [push, pull_request]
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: scan-repo
|
|
|
|
|
depends_on: []
|
|
|
|
|
image: aquasec/trivy
|
2024-10-31 09:26:28 +01:00
|
|
|
environment:
|
|
|
|
|
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
|
|
|
|
|
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
|
|
|
|
|
TRIVY_CHECKS_BUNDLE_REPOSITORY: public.ecr.aws/aquasecurity/trivy-checks
|
2024-04-22 14:28:38 +02:00
|
|
|
commands:
|
|
|
|
|
- trivy repo . --exit-code 1
|
|
|
|
|
when:
|
|
|
|
|
- event: [push, pull_request]
|
|
|
|
|
- name: scan-conf
|
|
|
|
|
depends_on: []
|
|
|
|
|
image: aquasec/trivy
|
2024-10-31 09:26:28 +01:00
|
|
|
environment:
|
|
|
|
|
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
|
|
|
|
|
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
|
|
|
|
|
TRIVY_CHECKS_BUNDLE_REPOSITORY: public.ecr.aws/aquasecurity/trivy-checks
|
2024-04-22 14:28:38 +02:00
|
|
|
commands:
|
|
|
|
|
- trivy config . --exit-code 1
|
|
|
|
|
when:
|
|
|
|
|
- event: [push, pull_request]
|
|
|
|
|
- name: notify
|
2024-09-12 16:06:40 +02:00
|
|
|
image: dev.shielddagger.com/opensource/discord-notifier
|
2024-04-22 14:28:38 +02:00
|
|
|
failure: ignore
|
2024-04-22 14:34:01 +02:00
|
|
|
depends_on:
|
|
|
|
|
- scan-repo
|
2024-04-22 14:34:55 +02:00
|
|
|
- scan-conf
|
2024-04-22 14:28:38 +02:00
|
|
|
settings:
|
|
|
|
|
webhook_url:
|
|
|
|
|
from_secret: discord_webhook
|
2024-04-24 13:23:48 +02:00
|
|
|
woodpecker_url: https://ci.shielddagger.com/api
|
2024-04-22 14:28:38 +02:00
|
|
|
woodpecker_token:
|
|
|
|
|
from_secret: woodpecker_token
|
2024-09-12 11:12:32 +02:00
|
|
|
icon_url: https://dev.shielddagger.com/repo-avatars/1a648399aed58ef1c440bde43fc3f0f98f237a8d8f68074febe98517a86e1887
|
2024-04-22 15:36:49 +02:00
|
|
|
when:
|
|
|
|
|
- status: [success, failure]
|
