From 8486d82f46fe7d25dc12050ee8054c1e98527877 Mon Sep 17 00:00:00 2001
From: Elia el Lazkani
Date: Sun, 2 Jul 2023 23:49:21 +0200
Subject: [PATCH] test(): Testing with Trivy container scanning
---
 .drone.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/.drone.yml b/.drone.yml
index 5509504..b00e48e 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -34,9 +34,18 @@ steps:
 repo: scm.project42.io/elia/blog
 dry_run: true
 squash: true
+ purge: false
 tags:
 - "${DRONE_COMMIT_SHA:0:8}"
 
+- name: trivy-scan
+ image: docker.io/aquasec/trivy:latest
+ commands:
+ - trivy image --exit-code 0 "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
+ - trivy image --exit-code 1 --severity CRITICAL "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
+ depends_on:
+ - test-build-container
+
 - name: build-container
 image: plugins/docker
 settings:
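Review bot: The `trivy-scan` commands address `scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}` by registry reference, but the step above them (presumably `test-build-container`, whose header is outside the hunk) sets `dry_run: true`, so that tag does not appear to be pushed anywhere the scanner container can pull it from; `purge: false` only keeps the image in the build step's own Docker daemon, assuming the plugin runs its own daemon as plugins/docker normally does. As written the step would either fail to find the image or scan whatever an earlier run pushed under the same tag, so a passing scan would say nothing reliable about this commit's image. Point the scan at an artifact the build really produces, for example an image tarball in the shared workspace with `trivy image --input <path-to-tarball>`, or scan the pushed tag before it is promoted. Two smaller points: pin the scanner as `image: docker.io/aquasec/trivy:<pinned-version>` rather than `:latest`, and check that `build-container` (its body continues outside the hunk) lists `trivy-scan` under `depends_on`, otherwise the CRITICAL gate does not hold back the push.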