Merge pull request 'Added container vulnerability scan' (#56) from test into main
Some checks failed
continuous-integration/drone Build was killed
Some checks failed
continuous-integration/drone Build was killed
Reviewed-on: #56
This commit was merged in pull request #56.
This commit is contained in:
10
.drone.yml
10
.drone.yml
@@ -62,6 +62,7 @@ steps:
|
|||||||
commands:
|
commands:
|
||||||
- dotnet publish --configuration Release
|
- dotnet publish --configuration Release
|
||||||
|
|
||||||
|
|
||||||
- name: build and push
|
- name: build and push
|
||||||
image: gcr.io/kaniko-project/executor:debug
|
image: gcr.io/kaniko-project/executor:debug
|
||||||
environment:
|
environment:
|
||||||
@@ -76,6 +77,15 @@ steps:
|
|||||||
--destination=index.docker.io/khwezi/webapitest:latest
|
--destination=index.docker.io/khwezi/webapitest:latest
|
||||||
--destination=index.docker.io/khwezi/webapitest:${DRONE_BUILD_NUMBER}
|
--destination=index.docker.io/khwezi/webapitest:${DRONE_BUILD_NUMBER}
|
||||||
|
|
||||||
|
- name: volnerability-scan
|
||||||
|
image: aquasec/trivy
|
||||||
|
commands:
|
||||||
|
- trivy image --exit-code 1 --severity CRITICAL khwezi/webapitest:${DRONE_BUILD_NUMBER}
|
||||||
|
|
||||||
|
- name: container-scan
|
||||||
|
image: aquasec/trivy
|
||||||
|
commands:
|
||||||
|
- trivy image --exit-code 1 --severity CRITICAL khwezi/webapitest:${DRONE_BUILD_NUMBER}
|
||||||
---
|
---
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
type: docker
|
type: docker
|
||||||
|
|||||||
Reference in New Issue
Block a user