lerkolabs/uptop
1
1
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 3 Wiki Activity

ci(docker): add Grype CVE scanning after image push

Browse Source 
Scans published image for Alpine and dependency CVEs.
Fails on critical severity, reports all others in table output.
This commit is contained in:
Tyler Koenig
2026-06-01 21:32:20 -04:00
parent 50eb43971c
commit 3a169b2bcd
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/release-docker.yml
+5
View File
@@ -60,6 +60,11 @@ jobs:
COMMIT=${{ github.sha }} COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.head_commit.timestamp }} BUILD_DATE=${{ github.event.head_commit.timestamp }}
- name: Scan image for CVEs
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
grype lerkolabs/uptop:${{ steps.meta.outputs.tag }} --fail-on critical --output table
- name: Update Docker Hub description - name: Update Docker Hub description
uses: peter-evans/dockerhub-description@v4 uses: peter-evans/dockerhub-description@v4
with: with: