Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-18 08:20:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Merge pull request #14 from omriza5/feature/add-security-scan

Browse source 
Add Trivy vulnerability scanning to CI workflow
This commit is contained in:
omriza5 2025-09-27 15:44:50 +03:00 committed by GitHub
commit d578ba4b25
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 26 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
.github/workflows/e2e-testing.yml vendored
View file

@ -34,6 +34,24 @@ jobs:
# Save the tag for later steps # Save the tag for later steps
echo "WEKAN_IMAGE_TAG=$TAG" >> $GITHUB_ENV echo "WEKAN_IMAGE_TAG=$TAG" >> $GITHUB_ENV
- name: Scan Wekan Docker image for vulnerabilities(Wekan)
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ secrets.DOCKERHUB_USERNAME }}/wekan:${{ env.WEKAN_IMAGE_TAG }}'
format: 'table'
severity: 'HIGH,CRITICAL'
ignore-unfixed: true
exit-code: 0
- name: Scan wekan-selenium Docker image for vulnerabilities
uses: aquasecurity/trivy-action@master
with:
image-ref: 'omriza5/wekan-selenium:1.0.0'
format: 'table'
severity: 'HIGH,CRITICAL'
ignore-unfixed: true
exit-code: 0
- name: Create .env file - name: Create .env file
run: | run: |
echo "WEKAN_IMAGE=omriza5/wekan:${WEKAN_IMAGE_TAG}" >> .env echo "WEKAN_IMAGE=omriza5/wekan:${WEKAN_IMAGE_TAG}" >> .env
@ -309,6 +327,14 @@ jobs:
path: allure-results/ path: allure-results/
retention-days: 30 retention-days: 30
- name: Upload screenshots
if: always() # Ensure this runs even if tests fail
uses: actions/upload-artifact@v4
with:
name: ui-test-screenshots-${{ matrix.browser }}-${{ matrix.resolution.name }}
path: artifacts/screenshots
retention-days: 2 # Store artifacts for 2 days
allure-report: allure-report:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: Selenium-ui-tests needs: Selenium-ui-tests