ci: add read-only pull secret to security build
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
ci/woodpecker/tag/build-package Pipeline was successful
ci/woodpecker/tag/build-container Pipeline was successful
ci/woodpecker/tag/docs Pipeline was successful
ci/woodpecker/tag/notify Pipeline was successful

This commit is contained in:
Robert Kaussow 2024-11-14 21:10:01 +01:00
parent fab4ce4b01
commit 243c066ccd
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0

View File

@ -13,6 +13,8 @@ steps:
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
repo: thegeeklab/${CI_REPO_NAME} repo: thegeeklab/${CI_REPO_NAME}
cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max
registry_config:
from_secret: DOCKER_REGISTRY_CONFIG_PULL
- name: security-scan - name: security-scan
image: docker.io/aquasec/trivy image: docker.io/aquasec/trivy