post: commit a0760dd in bojemoi
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
This commit is contained in:
Betty
40
content/posts/commits/2026-03-03-commit-a0760dd.md
Normal file
40
content/posts/commits/2026-03-03-commit-a0760dd.md
Normal file
@@ -0,0 +1,40 @@
|
||||
---
|
||||
title: "[bojemoi] ci: add Trivy security scan workflow (misconfig + secrets)"
|
||||
date: 2026-03-03T20:16:27+01:00
|
||||
draft: false
|
||||
tags: ["commit", "bojemoi", "main"]
|
||||
categories: ["Git Activity"]
|
||||
summary: "Commit a0760dd par Betty dans bojemoi"
|
||||
author: "Betty"
|
||||
---
|
||||
|
||||
## Commit `a0760dd`
|
||||
|
||||
| | |
|
||||
|---|---|
|
||||
| **Repository** | bojemoi |
|
||||
| **Branch** | `main` |
|
||||
| **Author** | Betty |
|
||||
| **Hash** | `a0760dd8976da397f6270effe123ddba1e4db04a` |
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Scans 30+ Dockerfiles and 10 stack YAMLs for HIGH/CRITICAL misconfigurations
|
||||
and exposed secrets on every push to main. Advisory mode (exit-code 0) to
|
||||
avoid blocking deployments during initial noise triage.
|
||||
|
||||
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
||||
|
||||
### Files Changed
|
||||
|
||||
```
|
||||
A .gitea/workflows/trivy.yml
|
||||
```
|
||||
|
||||
### Diff Summary
|
||||
|
||||
```
|
||||
.gitea/workflows/trivy.yml | 34 ++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 34 insertions(+)
|
||||
```
|
||||
Reference in New Issue
Block a user