feat(seo): discoverability + Schema.org + IndexNow + Trivy #1
@@ -25,6 +25,23 @@ jobs:
|
||||
printf '%s\n' "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts
|
||||
chmod 644 ~/.ssh/known_hosts
|
||||
|
||||
- name: Build image for security scan
|
||||
run: |
|
||||
docker build -t pushkinohistory-ru-v2:scan .
|
||||
|
||||
- name: Trivy image scan (HIGH+CRITICAL, warning only)
|
||||
run: |
|
||||
docker run --rm \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
-v "$PWD":/workspace \
|
||||
ghcr.io/aquasecurity/trivy:latest \
|
||||
image \
|
||||
--severity HIGH,CRITICAL \
|
||||
--ignore-unfixed \
|
||||
--no-progress \
|
||||
--exit-code 0 \
|
||||
pushkinohistory-ru-v2:scan
|
||||
|
||||
- name: Deploy to web.hhivp.com
|
||||
run: |
|
||||
ssh -i ~/.ssh/id_deploy striker@web.hhivp.com bash -s <<'REMOTE'
|
||||
|
||||
Reference in New Issue
Block a user