elia/tricks
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity

chore(): attaching the scan to the image
All checks were successful
continuous-integration/drone/promote/production Build is passing
Details
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Elia el Lazkani 2023-07-04 00:10:41 +02:00
parent 88619706c1
commit 1350f291dd
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.drone.yml
View file

@ -49,8 +49,16 @@ name: scan
steps:
- name: trivy-scan
image: scm.project42.io/elia/tricks:latest
environment:
REGISTRY_USERNAME:
from_secret: registry_username
REGISTRY_PASSWORD:
from_secret: registry_password
commands:
- trivy image --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"
- trivy image --format json --output result.json --image-src remote scm.project42.io/elia/tricks:"${DRONE_COMMIT_SHA:0:8}"
- export TIMESTAMP=$(date "+%F %T %Z")
- echo $TIMESTAMP
- oras attach --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" -a "org.opencontainers.trivy.created=$TIMESTAMP" -a "org.opencontainers.trivy.status=Passed" -a "org.opencontainers.trivy.tag=${DRONE_COMMIT_SHA:0:8}" --artifact-type application/json "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" result.json
depends_on:
- build
@ -73,7 +81,7 @@ steps:
REGISTRY_PASSWORD:
from_secret: registry_password
commands:
- oras cp --from-username "$REGISTRY_USERNAME" --from-password "$REGISTRY_PASSWORD" --to-username "$REGISTRY_USERNAME" --to-password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" scm.project42.io/elia/tricks:latest
- oras tag --username "$REGISTRY_USERNAME" --password "$REGISTRY_PASSWORD" "scm.project42.io/elia/tricks:${DRONE_COMMIT_SHA:0:8}" latest
when:
event:
- promote