base-build-env/.woodpecker.yml

steps:
  build:
    image: plugins/kaniko
    settings:
      repo: ${FORGE_NAME}/${CI_REPO}
      registry: 
        from_secret: container_registry
      tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
      username: 
        from_secret: container_registry_username
      password: 
        from_secret: container_registry_password
      dockerfile: Dockerfile
    when:
      - event: [push, tag]

  scan_image:
    image: aquasec/trivy
    commands:
      - trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --ignore-unfixed --quiet --exit-code 1
    when:
      - event: [push, tag]
woodpecker script 2024-08-20 19:04:41 +02:00			`steps:`
			`build:`
			`image: plugins/kaniko`
			`settings:`
			`repo: ${FORGE_NAME}/${CI_REPO}`
			`registry:`
			`from_secret: container_registry`
			`tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}`
			`username:`
			`from_secret: container_registry_username`
			`password:`
			`from_secret: container_registry_password`
			`dockerfile: Dockerfile`
			`when:`
			`- event: [push, tag]`

			`scan_image:`
			`image: aquasec/trivy`
			`commands:`
adjust scanner 2024-08-21 14:32:36 +02:00			`- trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --ignore-unfixed --quiet --exit-code 1`
woodpecker script 2024-08-20 19:04:41 +02:00			`when:`
			`- event: [push, tag]`