From e62e6782a2eb2a4116514a51b22d4627a33e340d Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Thu, 16 Jan 2025 11:49:11 +0100
Subject: [PATCH] add scan stage

---
 .woodpecker.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 2359c95..f882084 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -16,6 +16,13 @@ steps:
     when:
       - event: [push,tag]
 
+  scan_image:
+    image: aquasec/trivy
+    commands:
+      - trivy image $FORGE_NAME/$CI_REPO:$CI_COMMIT_SHA --quiet --exit-code 1
+    when:
+      - event: [push, tag]
+
   deploy:
     image: portainer/kubectl-shell:latest
     secrets: