bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
432ced0e82dc0d979704c2a8cfcce475406f64e6
blog/content/posts/commits/2026-03-03-commit-a0760dd.md
Betty 9c6a7fd023
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Details
post: commit a0760dd in bojemoi
2026-03-03 20:16:28 +01:00

41 lines
904 B
Markdown
Raw Blame History

---
title: "[bojemoi] ci: add Trivy security scan workflow (misconfig + secrets)"
date: 2026-03-03T20:16:27+01:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit a0760dd par Betty dans bojemoi"
author: "Betty"
---
## Commit `a0760dd`
| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `a0760dd8976da397f6270effe123ddba1e4db04a` |
### Description
Scans 30+ Dockerfiles and 10 stack YAMLs for HIGH/CRITICAL misconfigurations
and exposed secrets on every push to main. Advisory mode (exit-code 0) to
avoid blocking deployments during initial noise triage.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
### Files Changed
```
A .gitea/workflows/trivy.yml
```
### Diff Summary
```
.gitea/workflows/trivy.yml | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
```
Reference in New Issue View Git Blame Copy Permalink