NishantRajputRN
@@ -42,12 +42,17 @@ jobs:
|
||||
"${HOME}/bin/trivy" --version
|
||||
|
||||
# Use "${HOME}/bin/trivy" — act/Gitea may not prepend GITHUB_PATH before the next step.
|
||||
# Gitea only orchestrates the job; checkout + report.json live on the runner machine (this server), not on the Gitea host.
|
||||
- name: Trivy filesystem scan
|
||||
run: |
|
||||
"${HOME}/bin/trivy" fs -f json -o report.json \
|
||||
--skip-dirs node_modules,android/.gradle,android/build,ios/Pods,ios/build,.git \
|
||||
--exit-code 0 \
|
||||
.
|
||||
report_path="${GITHUB_WORKSPACE:-$(pwd)}/report.json"
|
||||
echo "Runner host: $(hostname)"
|
||||
echo "report.json (on this runner, under job workspace): ${report_path}"
|
||||
ls -la report.json
|
||||
|
||||
# - name: Upload Trivy report
|
||||
# uses: actions/upload-artifact@v3
|
||||
|
||||
Reference in New Issue
Block a user