ci: move hadolint options in GHA workflow options #58
mbolognabuild-scan-push.yml
on: push
Lint & Static Analysis
12s
Matrix: Security Scan
Generate Release Notes
0s
Annotations
3 errors and 5 warnings
|
Lint & Static Analysis:
Dockerfile#L99
DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`
|
|
Lint & Static Analysis:
Dockerfile#L25
DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`
|
|
Security Scan (grype)
Path does not exist: grype-results.sarif
|
|
Build & Push Multi-Arch Image
Skip output 'image-tags' since it may contain secret.
|
|
Security Scan (trivy)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Security Scan (grype)
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
|
|
Security Scan (grype)
Failed minimum severity level. Found vulnerabilities with level 'high' or higher
|
|
Security Scan (grype)
Unexpected input(s) 'output-file', valid inputs are ['image', 'path', 'sbom', 'fail-build', 'output-format', 'severity-cutoff', 'only-fixed', 'add-cpes-if-none', 'by-cve', 'grype-version', 'vex']
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
mbologna-docker-bitlbee_latest.cyclonedx.json
Expired
|
506 KB |
sha256:2ee23f7bdefec96cf02ba343da7abe0f248fe60268eea9be0b043c3b80f5001c
|
|
|
mbologna~docker-bitlbee~MUMS9U.dockerbuild
Expired
|
333 KB |
sha256:1193ce4d6a935e88531b53cb6b8c0a506927c605eb005a78ededb3a862605559
|
|
|
sbom
Expired
|
506 KB |
sha256:96e49d087a7602497c3c08f5ef3dd7afce2d9921e18fb6091ad9cefa6a6008e9
|
|