cn/dyndnsd
1
0
Fork 0
mirror of https://github.com/cmur2/dyndnsd.git synced 2024-12-22 10:54:23 +01:00
Code Releases Activity

ci: fix vulnscan behavior to scan most-recent semver

Browse Source
This commit is contained in:
cn 2020-08-19 14:33:26 +02:00
parent bf68049260
commit fcc3f12284
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/vulnscan.yml vendored
View File

@ -26,13 +26,14 @@ jobs:
run: |
trivy --version
ALL_IMAGES="$(curl -s https://hub.docker.com/v2/repositories/cmur2/dyndnsd/tags?page_size=1000 | jq -r '.results[].name | "cmur2/dyndnsd:" + .' | grep -e 'cmur2/dyndnsd:v' | sort -r)"
# semver sorting as per https://stackoverflow.com/a/40391207/2148786
ALL_IMAGES="$(curl -s https://hub.docker.com/v2/repositories/cmur2/dyndnsd/tags?page_size=1000 | jq -r '.results[].name | "cmur2/dyndnsd:" + .' | grep -e 'cmur2/dyndnsd:v' | sed '/-/!{s/$/_/}' | sort -r -V | sed 's/_$//')"
EXIT_CODE=0
set -e
for major_version in $(seq 1 10); do
for image in $ALL_IMAGES; do
if [[ "$image" = cmur2/dyndnsd:v$major_version.* ]]; then
echo -n "\nScanning newest patch release $image of major v$major_version...\n"
echo -e "\nScanning newest patch release $image of major v$major_version...\n"
if ! trivy image --skip-update --exit-code 1 "$image"; then
EXIT_CODE=1
fi