Update workflows/.gitea/action.yml

2025-12-11 20:44:01 +01:00
parent aaca248385
commit ef9fa32275
1 changed files with 12 additions and 0 deletions
@@ -19,6 +19,16 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v4

+      # Manually install Trivy (workaround for Gitea Actions not supporting node24)
+      - name: Install Trivy
+        run: |
+          sudo apt-get update
+          sudo apt-get install wget apt-transport-https gnupg lsb-release -y
+          wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
+          echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
+          sudo apt-get update
+          sudo apt-get install trivy -y
+
      # Combined scan for vulnerabilities, secrets, and IaC misconfigurations
      - name: Run Trivy comprehensive security scan
        uses: aquasecurity/trivy-action@master
@@ -35,6 +45,8 @@ jobs:
          ignore-unfixed: false
          # Skip database update to speed up scans (uses cached DB)
          skip-db-update: false
+          # Skip setup since we installed Trivy manually
+          skip-setup-trivy: true

      # Display results for visibility
      - name: Display Trivy scan results