feat(seo): discoverability + Schema.org + IndexNow + Trivy #1
@@ -42,6 +42,21 @@ jobs:
|
|||||||
|
|
||||||
cd "$DEPLOY_PATH"
|
cd "$DEPLOY_PATH"
|
||||||
docker compose build
|
docker compose build
|
||||||
|
|
||||||
|
# Trivy scan локально собранного образа (HIGH+CRITICAL, не блокирует).
|
||||||
|
# ghcr.io вместо docker.io — обход rate limit Docker Hub.
|
||||||
|
echo "=== Trivy scan: anotherreflections-ru-v2:latest ==="
|
||||||
|
docker run --rm \
|
||||||
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
|
-v /tmp/trivy-cache:/root/.cache/ \
|
||||||
|
ghcr.io/aquasecurity/trivy:latest image \
|
||||||
|
--severity HIGH,CRITICAL \
|
||||||
|
--no-progress \
|
||||||
|
--exit-code 0 \
|
||||||
|
--timeout 5m \
|
||||||
|
anotherreflections-ru-v2:latest || true
|
||||||
|
echo "=== Trivy scan done ==="
|
||||||
|
|
||||||
docker compose up -d
|
docker compose up -d
|
||||||
sleep 5
|
sleep 5
|
||||||
docker compose ps
|
docker compose ps
|
||||||
|
|||||||
Reference in New Issue
Block a user