mirror/seerr
1
0
Fork 0
mirror of https://github.com/seerr-team/seerr.git synced 2025-12-23 23:58:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

chore(renovate): fix trivy action tag (#1993) [skip-ci]

Browse Source 
Signed-off-by: Ludovic Ortega <ludovic.ortega@adminafk.fr>
This commit is contained in:
Ludovic Ortega
2025-10-07 22:23:26 +03:00
committed by GitHub
parent 2e6a19d3b5
commit 393cb1a4ce
2 changed files with 99 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
.github/workflows/docs-link-check.yml vendored
View File

@@ -3,67 +3,67 @@
name: Check Docs Links
on:
pull_request:
branches:
- '*'
paths:
- 'docs/**'
- 'gen-docs/**'
- '.github/workflows/docs-link-check.yml'
push:
branches:
- develop
paths:
- 'docs/**'
- 'gen-docs/**'
- '.github/workflows/docs-link-check.yml'
schedule:
- cron: '50 7 * * 5'
workflow_dispatch:
pull_request:
branches:
- '*'
paths:
- 'docs/**'
- 'gen-docs/**'
- '.github/workflows/docs-link-check.yml'
push:
branches:
- develop
paths:
- 'docs/**'
- 'gen-docs/**'
- '.github/workflows/docs-link-check.yml'
schedule:
- cron: '50 7 * * 5'
workflow_dispatch:
permissions:
contents: read
contents: read
concurrency:
group: docs-link-check-${{ github.ref }}
cancel-in-progress: true
group: docs-link-check-${{ github.ref }}
cancel-in-progress: true
jobs:
link-check:
name: Verify external links in Markdown and MDX
runs-on: ubuntu-24.04
timeout-minutes: 20
link-check:
name: Verify external links in Markdown and MDX
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
persist-credentials: false
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
persist-credentials: false
- name: Run Lychee link checker
uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2.6.1
with:
fail: false
args: >-
--verbose
--no-progress
--accept 200..204,300..304,307,308,404,429,999
--exclude '^file://'
--exclude '^https?://(localhost|127\.0\.0\.1|0\.0\.0\.0|\[::1\]|\[::\])'
--exclude '^https?://support\.discord\.com'
'./docs/**/*.md'
'./docs/**/*.mdx'
'./gen-docs/**/*.md'
'./gen-docs/**/*.mdx'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run Lychee link checker
uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2.6.1
with:
fail: false
args: >-
--verbose
--no-progress
--accept 200..204,300..304,307,308,404,429,999
--exclude '^file://'
--exclude '^https?://(localhost|127\.0\.0\.1|0\.0\.0\.0|\[::1\]|\[::\])'
--exclude '^https?://support\.discord\.com'
'./docs/**/*.md'
'./docs/**/*.mdx'
'./gen-docs/**/*.md'
'./gen-docs/**/*.mdx'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Lychee report
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: lychee-report
path: |
lychee/out.md
lychee/results.json
if-no-files-found: ignore
- name: Upload Lychee report
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: lychee-report
path: |
lychee/out.md
lychee/results.json
if-no-files-found: ignore

88
.github/workflows/trivy-scan.yml vendored
View File

@@ -3,59 +3,59 @@
name: Trivy Container Vulnerability Scan
on:
workflow_run:
workflows:
- Seerr Release
types:
- completed
schedule:
- cron: '50 7 * * 5'
workflow_dispatch:
workflow_run:
workflows:
- Seerr Release
types:
- completed
schedule:
- cron: '50 7 * * 5'
workflow_dispatch:
permissions:
contents: read
contents: read
concurrency:
group: trivy-scan-${{ github.ref }}
cancel-in-progress: true
group: trivy-scan-${{ github.ref }}
cancel-in-progress: true
jobs:
trivy:
if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }}
name: Scan latest container image
runs-on: ubuntu-24.04
trivy:
if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }}
name: Scan latest container image
runs-on: ubuntu-24.04
permissions:
contents: read
security-events: write
permissions:
contents: read
security-events: write
env:
TRIVY_CACHE_DIR: .trivycache
env:
TRIVY_CACHE_DIR: .trivycache
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
persist-credentials: false
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
fetch-depth: 0
persist-credentials: false
- name: Cache Trivy DB
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: .trivycache
key: trivy-${{ runner.os }}-${{ hashFiles('**/Dockerfile') }}
restore-keys: |
trivy-${{ runner.os }}-
- name: Cache Trivy DB
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: .trivycache
key: trivy-${{ runner.os }}-${{ hashFiles('**/Dockerfile') }}
restore-keys: |
trivy-${{ runner.os }}-
- name: Run Trivy image scan
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
with:
image-ref: ghcr.io/${{ github.repository }}:latest
format: sarif
output: trivy.sarif
ignore-unfixed: true
- name: Run Trivy image scan
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
with:
image-ref: ghcr.io/${{ github.repository }}:latest
format: sarif
output: trivy.sarif
ignore-unfixed: true
- name: Upload SARIF to code scanning
uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
with:
sarif_file: trivy.sarif
- name: Upload SARIF to code scanning
uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
with:
sarif_file: trivy.sarif