NishantRajputRN
@@ -51,18 +51,30 @@ jobs:
|
||||
.
|
||||
report_path="${GITHUB_WORKSPACE:-$(pwd)}/report.json"
|
||||
echo "Runner host: $(hostname)"
|
||||
echo "report.json (on this runner, under job workspace): ${report_path}"
|
||||
echo "report.json (inside job container): ${report_path}"
|
||||
ls -la report.json
|
||||
mkdir -p /home/azureuser/builds
|
||||
cp -f report.json /home/azureuser/builds/trivy-report.json
|
||||
echo "Persistent copy (survives after job workspace is removed): /home/azureuser/builds/trivy-report.json"
|
||||
|
||||
# - name: Upload Trivy report
|
||||
# Download this artifact from the Gitea run UI — file leaves the ephemeral job container without docker cp.
|
||||
# - name: Upload Trivy report (artifact)
|
||||
# uses: actions/upload-artifact@v3
|
||||
# with:
|
||||
# name: trivy-fs-report
|
||||
# path: report.json
|
||||
|
||||
# Optional: persist on the VM host. In act_runner config.yaml set (then restart runner):
|
||||
# container:
|
||||
# options: "-v /home/azureuser/gitea-reports:/gitea-reports"
|
||||
# If your config uses valid_volumes, allow that host path (see act_runner config.example.yaml).
|
||||
- name: Copy Trivy report to host bind mount (if configured)
|
||||
run: |
|
||||
if [ -d /gitea-reports ] && [ -w /gitea-reports ]; then
|
||||
out="/gitea-reports/trivy-report-${GITHUB_RUN_ID:-$(date +%s)}.json"
|
||||
cp -f report.json "${out}"
|
||||
echo "Copied to bind mount (see host dir mapped to /gitea-reports): ${out}"
|
||||
else
|
||||
echo "Skip host copy: no /gitea-reports volume. Use artifact above, or add runner container.options volume — see workflow comment."
|
||||
fi
|
||||
|
||||
# ---------------- SONARQUBE ----------------
|
||||
# In Gitea: Settings → Secrets → SONAR_TOKEN (and optionally SONAR_URL).
|
||||
- name: SonarQube Scan
|
||||
|
||||
Reference in New Issue
Block a user