fix: scan with actual tag rather than latest

This commit is contained in:
Stefan Reimer 2022-01-16 00:35:26 +01:00
parent 13e480c79d
commit e6b163fdd5

View File

@ -17,7 +17,7 @@ endif
all: build all: build
build: build:
podman build --rm --squash-all --build-arg BASE=$(BASE) -t $(REPOSITORY):latest . podman build --rm --squash-all --build-arg BASE=$(BASE) -t $(REPOSITORY):$(TAG) -t $(REPOSITORY):latest .
push: push:
aws ecr-public get-login-password --region us-east-1 | podman login --username AWS --password-stdin $(REGISTRY) aws ecr-public get-login-password --region us-east-1 | podman login --username AWS --password-stdin $(REGISTRY)
@ -26,4 +26,4 @@ push:
podman push $(REGISTRY)/$(REPOSITORY):latest podman push $(REGISTRY)/$(REPOSITORY):latest
scan: scan:
trivy $(TRIVY_OPTS) $(TAG) trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)