From ef9fa32275499e0e9d15283d0c1f84747feff983 Mon Sep 17 00:00:00 2001
From: Naomi Carrigan
Date: Thu, 11 Dec 2025 20:44:01 +0100
Subject: [PATCH] Update workflows/.gitea/action.yml
---
 workflows/.gitea/action.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/workflows/.gitea/action.yml b/workflows/.gitea/action.yml
index cb4dca5..1229ec0 100644
--- a/workflows/.gitea/action.yml
+++ b/workflows/.gitea/action.yml
@@ -19,6 +19,16 @@ jobs:
 - name: Checkout code
 uses: actions/checkout@v4
+ # Manually install Trivy (workaround for Gitea Actions not supporting node24)
+ - name: Install Trivy
+ run: |
+ sudo apt-get update
+ sudo apt-get install wget apt-transport-https gnupg lsb-release -y
+ wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
+ echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+ sudo apt-get update
+ sudo apt-get install trivy -y
+
 # Combined scan for vulnerabilities, secrets, and IaC misconfigurations
 - name: Run Trivy comprehensive security scan
 uses: aquasecurity/trivy-action@master
@@ -35,6 +45,8 @@ jobs:
 ignore-unfixed: false
 # Skip database update to speed up scans (uses cached DB)
 skip-db-update: false
+ # Skip setup since we installed Trivy manually
+ skip-setup-trivy: true
 # Display results for visibility
 - name: Display Trivy scan results
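Review bot: The `apt-key add -` line in the Install Trivy step puts the Trivy signing key into apt's global trusted keyring, so that key is then accepted for packages from every configured repository, and `apt-key` is deprecated and missing from newer apt releases. Store the key in its own keyring and bind the repository to it: `wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null` and `echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/trivy.list`. Using `tee` without `-a` also keeps a persistent runner from accumulating duplicate source entries on every run. `sudo apt-get install trivy -y` takes whatever version the repository currently serves; pinning it (`trivy=<VERSION>`) would make scan results reproducible across runs.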
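Review bot: With `skip-setup-trivy: true` the action runs whatever `trivy` binary is already on PATH, so the scan now depends entirely on the Install Trivy step and on the unpinned package it installs. The action is still referenced as `aquasecurity/trivy-action@master` (context line in the previous hunk), a mutable ref; since the workflow now relies on one specific input of that action, pinning it to a release tag or full commit SHA would keep that input's behaviour stable. I would also extend the comment to `# Skip setup since we installed Trivy manually (see the Install Trivy step); remove together with that step`. The `with:` block starts outside the hunk.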