mirror of
https://github.com/appleboy/drone-ssh.git
synced 2026-06-26 15:52:15 +08:00
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 8a39ed2350 | |||
| ec51560163 | |||
| 008d03ed09 | |||
| 8ae378cba1 | |||
| bc57ffe8ae | |||
| 16a892b3a7 | |||
| 8265cc3fb1 | |||
| c0ae39b308 | |||
| ed85f7ef5e |
@@ -38,7 +38,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
|
||||
@@ -20,7 +20,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Setup go
|
||||
uses: actions/setup-go@v6
|
||||
@@ -75,6 +75,21 @@ jobs:
|
||||
load: true
|
||||
tags: drone-ssh:scan
|
||||
|
||||
- name: Run Trivy vulnerability scanner
|
||||
uses: aquasecurity/trivy-action@v0.36.0
|
||||
with:
|
||||
image-ref: "drone-ssh:scan"
|
||||
format: "sarif"
|
||||
output: "trivy-image-results.sarif"
|
||||
severity: "CRITICAL,HIGH"
|
||||
exit-code: '1'
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v4
|
||||
if: always()
|
||||
with:
|
||||
sarif_file: "trivy-image-results.sarif"
|
||||
category: "trivy-docker-image"
|
||||
|
||||
- name: Build and push
|
||||
if: success()
|
||||
uses: docker/build-push-action@v7
|
||||
|
||||
@@ -13,7 +13,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Setup go
|
||||
uses: actions/setup-go@v6
|
||||
@@ -20,7 +20,7 @@ jobs:
|
||||
- name: Setup golangci-lint
|
||||
uses: golangci/golangci-lint-action@v9
|
||||
with:
|
||||
version: latest
|
||||
version: v2.12
|
||||
args: --verbose
|
||||
|
||||
- uses: hadolint/hadolint-action@v3.3.0
|
||||
@@ -38,7 +38,7 @@ jobs:
|
||||
options: --sysctl net.ipv6.conf.all.disable_ipv6=0
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: setup sshd server
|
||||
run: |
|
||||
@@ -50,6 +50,6 @@ jobs:
|
||||
make test
|
||||
|
||||
- name: Upload coverage to Codecov
|
||||
uses: codecov/codecov-action@v5
|
||||
uses: codecov/codecov-action@v7
|
||||
with:
|
||||
flags: go-${{ matrix.go-version }}
|
||||
|
||||
@@ -22,10 +22,10 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Run Trivy vulnerability scanner (repo)
|
||||
uses: aquasecurity/trivy-action@v0.35.0
|
||||
uses: aquasecurity/trivy-action@v0.36.0
|
||||
with:
|
||||
scan-type: "fs"
|
||||
scan-ref: "."
|
||||
@@ -44,7 +44,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v6
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Setup go
|
||||
uses: actions/setup-go@v6
|
||||
@@ -70,7 +70,7 @@ jobs:
|
||||
tags: drone-ssh:scan
|
||||
|
||||
- name: Run Trivy vulnerability scanner (image)
|
||||
uses: aquasecurity/trivy-action@v0.35.0
|
||||
uses: aquasecurity/trivy-action@v0.36.0
|
||||
with:
|
||||
image-ref: "drone-ssh:scan"
|
||||
format: "sarif"
|
||||
|
||||
Reference in New Issue
Block a user