fix(): Migrates the image to DinD

2023-07-03 00:18:50 +02:00 · 2023-07-03 00:18:50 +02:00 · 90c5bf6354
commit 90c5bf6354
parent ebf56ec026
1 changed files with 8 additions and 4 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -38,21 +38,25 @@ steps:
    repo: scm.project42.io/elia/blog
    dry_run: true
    squash: true
    purge: false
    tags:
    - "${DRONE_COMMIT_SHA:0:8}"
  depends_on:
    - clean-up-images
 - name: trivy-scan
-  image: docker.io/aquasec/trivy:latest
+  image: docker:dind
  volumes:
    - name: dockersock
      path: /var/run/docker.sock
  commands:
    - export TRIVY_VERSION=$(wget -qO - "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
    - echo "$TRIVY_VERSION"
    - export TRIVY_URL=$(printf "https://github.com/aquasecurity/trivy/releases/download/v%s/trivy_%s_Linux-64bit.tar.gz" "$TRIVY_VERSION" "$TRIVY_VERSION")
    - echo "$TRIVY_URL"
    - wget --no-verbose "$TRIVY_URL" -O - | tar -zxvf -
    - docker build -t "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}" .
-    - trivy image --exit-code 0 "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
+    - ./trivy image --exit-code 0 "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
-    - trivy image --exit-code 1 --severity CRITICAL "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
+    - ./trivy image --exit-code 1 --severity CRITICAL "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
    - docker rmi "scm.project42.io/elia/blog:${DRONE_COMMIT_SHA:0:8}"
  depends_on:
    - test-build-container