From 69f09733192f8d9562b7e7ff2051976564282205 Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth
Date: Wed, 7 Feb 2024 22:51:24 +0100
Subject: [PATCH] add trivy stage
---
.woodpecker.yml | 9 ++++++++-
deployment/deploy.sh | 2 +-
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/.woodpecker.yml b/.woodpecker.yml
index 10849b1..8e67820 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -2,7 +2,7 @@ steps: build: image: plugins/kaniko settings: - repo: gitea.hottis.de/wn/locsrv + repo: ${FORGE_NAME}/${CI_REPO} registry: from_secret: container_registry tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}
@@ -14,6 +14,13 @@ steps: when: - event: [push, tag] + scan_image: + image: aquasec/trivy + commands: + - trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --quiet --exit-code 1 + when: + - event: [push, tag] + deploy: image: portainer/kubectl-shell:latest secrets:
diff --git a/deployment/deploy.sh b/deployment/deploy.sh
index 65e07ad..21af4f1 100755
--- a/deployment/deploy.sh
+++ b/deployment/deploy.sh
@@ -6,7 +6,7 @@ if [ "$IMAGE_TAG" == "" ]; then fi -IMAGE_NAME=gitea.hottis.de/wn/locsrv +IMAGE_NAME=$FORGE_NAME/$CI_REPO NAMESPACE=homea DEPLOYMENT_DIR=$PWD/deployment
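Review bot: `FORGE_NAME` is not defined anywhere in the visible pipeline, yet the new `repo: ${FORGE_NAME}/${CI_REPO}` needs it when Woodpecker substitutes `${...}` expressions, which as far as I know happens before the step starts. The same variable is read again at shell runtime in the `scan_image` command and in `deployment/deploy.sh` (`IMAGE_NAME=$FORGE_NAME/$CI_REPO`), so it has to reach three places through two different mechanisms. If it is empty in any of them, the image reference silently loses its registry host, and build, scan and deploy may end up addressing different images. I would add a comment above `repo:` saying where `FORGE_NAME` is set, and fail fast in the script with `: "${FORGE_NAME:?FORGE_NAME is not set}"` before the `IMAGE_NAME` assignment.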
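Review bot: The new `scan_image` step cannot keep a vulnerable image out of the registry, because the `build` step has already pushed it under `latest` (`tags: latest,${CI_COMMIT_SHA},${CI_COMMIT_TAG}`) before the scan runs; a failing scan at best blocks `deploy`. Consider pushing only the commit-SHA tag in `build` and applying `latest` and the release tag in a step that runs after the scan has passed. `image: aquasec/trivy` is also unpinned, so the gate itself changes with whatever the registry serves under the default tag; pin it to a fixed version or digest, e.g. `image: aquasec/trivy:<pinned-version>`. The step declares no secrets, so if the registry is private the pull will presumably fail unless credentials are passed in (Trivy reads `TRIVY_USERNAME` and `TRIVY_PASSWORD`).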