31 lines
627 B
YAML
31 lines
627 B
YAML
when:
|
|
- event: [push, pull_request]
|
|
|
|
steps:
|
|
- name: scan-repo
|
|
depends_on: []
|
|
image: aquasec/trivy
|
|
commands:
|
|
- trivy repo . --exit-code 1
|
|
when:
|
|
- event: [push, pull_request]
|
|
- name: scan-conf
|
|
depends_on: []
|
|
image: aquasec/trivy
|
|
commands:
|
|
- trivy config . --exit-code 1
|
|
when:
|
|
- event: [push, pull_request]
|
|
- name: notify
|
|
image: dev.shielddagger.com/infra/discord-notifier
|
|
failure: ignore
|
|
depends_on:
|
|
- scan-repo
|
|
#- scan-conf
|
|
settings:
|
|
webhook_url:
|
|
from_secret: discord_webhook
|
|
woodpecker_url: https://ci.shielddagger.com
|
|
woodpecker_token:
|
|
from_secret: woodpecker_token
|