Loading .gitlab-ci.yml +2 −3 Original line number Diff line number Diff line Loading @@ -119,7 +119,6 @@ job_image_scan: TRIVY_TOKEN: "" TRIVY_QUIET: "false" TRIVY_SKIP_UPDATE: "false" allow_failure: true before_script: - apk add --no-cache python3 py3-pip Loading @@ -138,9 +137,9 @@ job_image_scan: - IMAGE=$(pipenv run python3 tools/job_image/job_image.py ${JOB}) - if [ ! -z ${IMAGE} ]; then - NAME=$(basename ${IMAGE}) - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --cache-dir ${TRIVY_CACHE_DIR} -o ${OUTPUT_DIR}/${NAME}.${TRIVY_OUTPUT} ${IMAGE} - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --offline-scan --cache-dir ${TRIVY_CACHE_DIR} -o ${OUTPUT_DIR}/${NAME}.${TRIVY_OUTPUT} ${IMAGE} - if [ ! -z ${TRIVY_EXIT_ON_SEVERITY} ]; then - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --cache-dir ${TRIVY_CACHE_DIR} --exit-code 1 --severity ${TRIVY_SEVERITY} -o ${OUTPUT_DIR}/${NAME}-failed-${TRIVY_OUTPUT} ${IMAGE} - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --offline-scan --cache-dir ${TRIVY_CACHE_DIR} --exit-code 1 --severity ${TRIVY_SEVERITY} -o ${OUTPUT_DIR}/${NAME}-failed-${TRIVY_OUTPUT} ${IMAGE} - fi - fi - IMAGE="" Loading Loading
.gitlab-ci.yml +2 −3 Original line number Diff line number Diff line Loading @@ -119,7 +119,6 @@ job_image_scan: TRIVY_TOKEN: "" TRIVY_QUIET: "false" TRIVY_SKIP_UPDATE: "false" allow_failure: true before_script: - apk add --no-cache python3 py3-pip Loading @@ -138,9 +137,9 @@ job_image_scan: - IMAGE=$(pipenv run python3 tools/job_image/job_image.py ${JOB}) - if [ ! -z ${IMAGE} ]; then - NAME=$(basename ${IMAGE}) - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --cache-dir ${TRIVY_CACHE_DIR} -o ${OUTPUT_DIR}/${NAME}.${TRIVY_OUTPUT} ${IMAGE} - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --offline-scan --cache-dir ${TRIVY_CACHE_DIR} -o ${OUTPUT_DIR}/${NAME}.${TRIVY_OUTPUT} ${IMAGE} - if [ ! -z ${TRIVY_EXIT_ON_SEVERITY} ]; then - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --cache-dir ${TRIVY_CACHE_DIR} --exit-code 1 --severity ${TRIVY_SEVERITY} -o ${OUTPUT_DIR}/${NAME}-failed-${TRIVY_OUTPUT} ${IMAGE} - ./trivy image --template "@${TEMPLATE_NAME}" --security-checks vuln --vuln-type ${TRIVY_VULN_TYPE} --offline-scan --cache-dir ${TRIVY_CACHE_DIR} --exit-code 1 --severity ${TRIVY_SEVERITY} -o ${OUTPUT_DIR}/${NAME}-failed-${TRIVY_OUTPUT} ${IMAGE} - fi - fi - IMAGE="" Loading
