ZeroDownTime/CloudBender
3
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

Squashed '.ci/' changes from 67529a0..ca67be5

Browse Source 
ca67be5 feat: only set TRIVY_IGNORE of file present

git-subtree-dir: .ci
git-subtree-split: ca67be57ee80e190ce07719b16bc0059267cbdb4
This commit is contained in:
Stefan Reimer 2025-05-24 13:38:17 +00:00
parent a32bab422f
commit cd49e55a3b
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
podman.mk
View File

@ -29,6 +29,9 @@ ARCH ::= amd64
ALL_ARCHS ::= amd64 arm64 ALL_ARCHS ::= amd64 arm64
_ARCH = $(or $(filter $(ARCH),$(ALL_ARCHS)),$(error $$ARCH [$(ARCH)] must be exactly one of "$(ALL_ARCHS)")) _ARCH = $(or $(filter $(ARCH),$(ALL_ARCHS)),$(error $$ARCH [$(ARCH)] must be exactly one of "$(ALL_ARCHS)"))
ifneq ($(shell ls ./.trivyignore.yaml 2>/dev/null),)
TRIVY_IGNORE ::= --ignorefile ./.trivyignore.yaml
endif
ifneq ($(TRIVY_REMOTE),) ifneq ($(TRIVY_REMOTE),)
TRIVY_OPTS ::= --server $(TRIVY_REMOTE) TRIVY_OPTS ::= --server $(TRIVY_REMOTE)
endif endif
@ -49,7 +52,7 @@ test:: ## test built artificats
scan: ## Scan image using trivy scan: ## Scan image using trivy
echo "Scanning $(IMAGE):$(TAG)-$(_ARCH) using Trivy $(TRIVY_REMOTE)" echo "Scanning $(IMAGE):$(TAG)-$(_ARCH) using Trivy $(TRIVY_REMOTE)"
trivy image $(TRIVY_OPTS) --quiet --no-progress localhost/$(IMAGE):$(TAG)-$(_ARCH) trivy image $(TRIVY_OPTS) --quiet --no-progress $(TRIVY_IGNORE) localhost/$(IMAGE):$(TAG)-$(_ARCH)
# first tag and push all actual images # first tag and push all actual images
# create new manifest for each tag and add all available TAG-ARCH before pushing # create new manifest for each tag and add all available TAG-ARCH before pushing