feat(seo): discoverability + Schema.org + IndexNow + Trivy #1
@@ -25,6 +25,23 @@ jobs:
|
|||||||
printf '%s\n' "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
|
printf '%s\n' "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
|
||||||
chmod 644 ~/.ssh/known_hosts
|
chmod 644 ~/.ssh/known_hosts
|
||||||
|
|
||||||
|
- name: Build image for security scan
|
||||||
|
run: |
|
||||||
|
docker build -t pushkinohistory-ru-v2:scan .
|
||||||
|
|
||||||
|
- name: Trivy image scan (HIGH+CRITICAL, warning only)
|
||||||
|
run: |
|
||||||
|
docker run --rm \
|
||||||
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
|
-v "$PWD":/workspace \
|
||||||
|
ghcr.io/aquasecurity/trivy:latest \
|
||||||
|
image \
|
||||||
|
--severity HIGH,CRITICAL \
|
||||||
|
--ignore-unfixed \
|
||||||
|
--no-progress \
|
||||||
|
--exit-code 0 \
|
||||||
|
pushkinohistory-ru-v2:scan
|
||||||
|
|
||||||
- name: Deploy to web.hhivp.com
|
- name: Deploy to web.hhivp.com
|
||||||
run: |
|
run: |
|
||||||
ssh -i ~/.ssh/id_deploy striker@web.hhivp.com bash -s <<'REMOTE'
|
ssh -i ~/.ssh/id_deploy striker@web.hhivp.com bash -s <<'REMOTE'
|
||||||
|
|||||||
Reference in New Issue
Block a user