mirror of
https://github.com/thegeeklab/wp-docker-buildx.git
synced 2024-11-14 09:00:43 +00:00
ci: add read-only pull secret to security build (#274)
This commit is contained in:
parent
13f95c9b14
commit
1e4e2fbe91
@ -12,6 +12,8 @@ steps:
|
||||
containerfile: Containerfile.multiarch
|
||||
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
|
||||
repo: ${CI_REPO}
|
||||
registry_config:
|
||||
from_secret: DOCKER_REGISTRY_CONFIG_PULL
|
||||
|
||||
- name: security-scan
|
||||
image: docker.io/aquasec/trivy
|
||||
@ -49,7 +51,7 @@ steps:
|
||||
- ${CI_REPO_DEFAULT_BRANCH}
|
||||
|
||||
- name: publish-quay
|
||||
image: quay.io/thegeeklab/wp-docker-buildx:5.0.6
|
||||
image: quay.io/thegeeklab/wp-docker-buildx:5
|
||||
depends_on: [security-scan]
|
||||
settings:
|
||||
auto_tag: true
|
||||
|
Loading…
Reference in New Issue
Block a user