diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 635a494..c1aa9ec 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -1,6 +1,7 @@ name: Trivy-scanning on: + workflow_dispatch: push: branches: - master @@ -16,13 +17,12 @@ jobs: with: ref: ${{ github.ref }} - - name: Run Trivy fs vulnerability scanner + name: Run Trivy fs vulnerability scanner in fs mode uses: aquasecurity/trivy-action@0.20.0 with: scan-type: 'fs' ignore-unfixed: true - format: 'template' - template: '@/contrib/sarif.tpl' + format: 'sarif' output: 'trivy-results.sarif' #severity: 'CRITICAL' - diff --git a/Dockerfile b/Dockerfile index 1562dfc..17038b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,30 +34,30 @@ COPY nginx-ws.tpl /etc/nginx/conf.d/ COPY proxy-log-fmt.tpl /etc/nginx/conf.d/000-proxy-log-fmt.conf -ADD server-lgp.sh /server-lgp.sh -ADD server-lgr.sh /server-lgr.sh -ADD server-lgt.sh /server-lgt.sh +COPY server-lgp.sh /server-lgp.sh +COPY server-lgr.sh /server-lgr.sh +COPY server-lgt.sh /server-lgt.sh -ADD server-lsp.sh /server-lsp.sh -ADD server-lst.sh /server-lst.sh +COPY server-lsp.sh /server-lsp.sh +COPY server-lst.sh /server-lst.sh -ADD server-ltr.sh /server-ltr.sh -ADD server-ltt.sh /server-ltt.sh +COPY server-ltr.sh /server-ltr.sh +COPY server-ltt.sh /server-ltt.sh -ADD server-lwp.sh /server-lwp.sh -ADD server-lwt.sh /server-lwt.sh +COPY server-lwp.sh /server-lwp.sh +COPY server-lwt.sh /server-lwt.sh -ADD server-mtt.sh /server-mtt.sh -ADD server-mwp.sh /server-mwp.sh -ADD server-mwt.sh /server-mwt.sh +COPY server-mtt.sh /server-mtt.sh +COPY server-mwp.sh /server-mwp.sh +COPY server-mwt.sh /server-mwt.sh -ADD server-twp.sh /server-twp.sh -ADD server-ttt.sh /server-ttt.sh -ADD server-twt.sh /server-twt.sh +COPY server-twp.sh /server-twp.sh +COPY server-ttt.sh /server-ttt.sh +COPY server-twt.sh /server-twt.sh -ADD server-nginx.sh /server-nginx.sh +COPY server-nginx.sh /server-nginx.sh -ADD run.sh /run.sh +COPY run.sh /run.sh RUN chmod 755 /*.sh