92d75ddefc
* fix(ci): check out correct repo+ref for PRs. Addresses #3999 * fix(ci): update a bunch of other CI jobs to specify refs. For #3999
38 lines
887 B
YAML
38 lines
887 B
YAML
name: Lint
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- develop
|
|
paths:
|
|
- 'Dockerfile'
|
|
pull_request:
|
|
branches:
|
|
- develop
|
|
paths:
|
|
- 'Dockerfile'
|
|
|
|
jobs:
|
|
trivy:
|
|
name: Dockerfile
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: aquasec/trivy
|
|
steps:
|
|
- name: Check out pull request code
|
|
uses: actions/checkout@v4
|
|
if: github.event_name == 'pull_request'
|
|
with:
|
|
repository: ${{ github.event.pull_request.head.repo.full_name }}
|
|
ref: ${{ github.event.pull_request.head.ref }}
|
|
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v4
|
|
if: github.event_name == 'push'
|
|
|
|
- name: Check critical issues
|
|
run: trivy config --exit-code 1 --severity "HIGH,CRITICAL" ./Dockerfile
|
|
|
|
- name: Check non-critical issues
|
|
run: trivy config --severity "LOW,MEDIUM" ./Dockerfile
|