From 65ac7161775ff72091b7c9dfdc3c271dd8e1c45a Mon Sep 17 00:00:00 2001
From: NishantRajputRN <nishantlodhi2468@gmail.com>
Date: Wed, 13 May 2026 11:04:11 +0530
Subject: [PATCH] trviy check

---
 .gitea/workflows/azure-pipelines.yml | 22 +++++++++++++++++-----
 App.js                               | 15 ---------------
 2 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/.gitea/workflows/azure-pipelines.yml b/.gitea/workflows/azure-pipelines.yml
index 3cb626f..0d25e82 100644
--- a/.gitea/workflows/azure-pipelines.yml
+++ b/.gitea/workflows/azure-pipelines.yml
@@ -51,18 +51,30 @@ jobs:
             .
           report_path="${GITHUB_WORKSPACE:-$(pwd)}/report.json"
           echo "Runner host: $(hostname)"
-          echo "report.json (on this runner, under job workspace): ${report_path}"
+          echo "report.json (inside job container): ${report_path}"
           ls -la report.json
-          mkdir -p /home/azureuser/builds
-          cp -f report.json /home/azureuser/builds/trivy-report.json
-          echo "Persistent copy (survives after job workspace is removed): /home/azureuser/builds/trivy-report.json"
 
-      # - name: Upload Trivy report
+      # Download this artifact from the Gitea run UI — file leaves the ephemeral job container without docker cp.
+      # - name: Upload Trivy report (artifact)
       #   uses: actions/upload-artifact@v3
       #   with:
       #     name: trivy-fs-report
       #     path: report.json
 
+      # Optional: persist on the VM host. In act_runner config.yaml set (then restart runner):
+      #   container:
+      #     options: "-v /home/azureuser/gitea-reports:/gitea-reports"
+      # If your config uses valid_volumes, allow that host path (see act_runner config.example.yaml).
+      - name: Copy Trivy report to host bind mount (if configured)
+        run: |
+          if [ -d /gitea-reports ] && [ -w /gitea-reports ]; then
+            out="/gitea-reports/trivy-report-${GITHUB_RUN_ID:-$(date +%s)}.json"
+            cp -f report.json "${out}"
+            echo "Copied to bind mount (see host dir mapped to /gitea-reports): ${out}"
+          else
+            echo "Skip host copy: no /gitea-reports volume. Use artifact above, or add runner container.options volume — see workflow comment."
+          fi
+
       # ---------------- SONARQUBE ----------------
       # In Gitea: Settings → Secrets → SONAR_TOKEN (and optionally SONAR_URL).
       - name: SonarQube Scan
diff --git a/App.js b/App.js
index eb41048..c863848 100644
--- a/App.js
+++ b/App.js
@@ -1,17 +1,2 @@
 
 console.log("trest")
-console.log("test2")
-console.log("test3")
-console.log("test4")
-console.log("test5")
-console.log("test6")
-console.log("test7")
-console.log("test8")
-console.log("test9")
-console.log("test10")
-console.log("test11")
-console.log("test12")
-console.log("test13")
-console.log("test14")
-console.log("test15")
-console.log("test16")
\ No newline at end of file