paspo/docker-glpi
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: paspo:10.0.16
Branches Tags
paspo:master
paspo:10.0.20 paspo:10.0.18 paspo:10.0.17 paspo:10.0.16 paspo:10.0.15 paspo:10.0.14 paspo:10.0.13 paspo:10.0.12 paspo:10.0.11 paspo:10.0.10 paspo:10.0.9 paspo:10.0.9-ok paspo:10.0.8 paspo:10.0.7
..
compare: paspo:e6c28c3b15601337ef3c715849d48faa6fbaf587
Branches Tags
paspo:master
paspo:10.0.20 paspo:10.0.18 paspo:10.0.17 paspo:10.0.16 paspo:10.0.15 paspo:10.0.14 paspo:10.0.13 paspo:10.0.12 paspo:10.0.11 paspo:10.0.10 paspo:10.0.9 paspo:10.0.9-ok paspo:10.0.8 paspo:10.0.7

3 Commits
10.0.16 ... e6c28c3b15

Author SHA1 Message Date
paspo
e6c28c3b15 fix trivy
All checks were successful
continuous-integration/drone/push Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 2m22s
Details
2025-01-17 08:01:20 +01:00
paspo
d2824d0831 cached trivy db
All checks were successful
continuous-integration/drone/push Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Successful in 10m43s
Details
2024-12-02 16:41:18 +01:00
paspo
fb51b8e9da glpi upgrade
Some checks are pending
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
Vulnerability Scan / Daily Vulnerability Scan (push) Has started running
Details
2024-11-06 12:02:03 +01:00
2 changed files with 30 additions and 7 deletions
Expand all files Collapse all files

2
.drone.star
View File

@@ -1,6 +1,6 @@
def main(ctx): def main(ctx):
archs = ["amd64", "arm64"] ## arm archs = ["amd64", "arm64"] ## arm
glpi_version = "10.0.16" glpi_version = "10.0.17"
alpine_version = "3.20" alpine_version = "3.20"
out = [] out = []

35
.gitea/workflows/vulnscan.yaml
View File

@@ -1,3 +1,4 @@
---
name: Vulnerability Scan name: Vulnerability Scan
on: on:
@@ -16,14 +17,36 @@ jobs:
- name: Pull docker image - name: Pull docker image
run: docker pull docker.asperti.com/paspo/glpi:latest run: docker pull docker.asperti.com/paspo/glpi:latest
- name: Setup trivy
run: |
echo "Installing Trivy for arch: $(uname -m)"
case $(uname -m) in
x86_64)
wget -O /tmp/trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.2/trivy_0.58.2_Linux-64bit.deb ;;
aarch64)
wget -O /tmp/trivy.deb https://github.com/aquasecurity/trivy/releases/download/v0.58.2/trivy_0.58.2_Linux-ARM64.deb ;;
*) exit 1 ;;
esac
dpkg -i /tmp/trivy.deb
- name: Run Trivy vulnerability scanner - name: Run Trivy vulnerability scanner
id: scan id: scan
uses: aquasecurity/trivy-action@master run: |
with: trivy --server ${{ secrets.TRIVY_SERVER }} --token ${{ secrets.TRIVY_TOKEN }} image --format json docker.asperti.com/paspo/glpi:latest > trivy-results.json
image-ref: "docker.asperti.com/paspo/glpi:latest"
format: "json"
output: "trivy-results.json"
# if some vulnerability is found, we fail # if some vulnerability is found, we fail
- name: check output - name: check output
run: if [ $(jq '.Results[0].Vulnerabilities|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi id: vulncount
run: |
echo "VULNCOUNT=$(jq '.Results[0].Vulnerabilities|length' trivy-results.json)" >> ${GITHUB_OUTPUT}
if [ $(jq '.Results[0].Vulnerabilities|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi
- name: send telegram notification
if: failure()
uses: appleboy/telegram-action@master
with:
to: ${{ secrets.TELEGRAM_TO }}
token: ${{ secrets.TELEGRAM_TOKEN }}
format: markdown
message: |
Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ github.repository }}`