ci: improve image tag handling and add staging to security scan
This commit is contained in:
@@ -828,7 +828,11 @@ jobs:
|
|||||||
DEPLOYMENT_HOST="${{ env.DEPLOYMENT_HOST }}"
|
DEPLOYMENT_HOST="${{ env.DEPLOYMENT_HOST }}"
|
||||||
REGISTRY="${{ env.REGISTRY }}"
|
REGISTRY="${{ env.REGISTRY }}"
|
||||||
IMAGE_NAME="${{ env.IMAGE_NAME }}"
|
IMAGE_NAME="${{ env.IMAGE_NAME }}"
|
||||||
IMAGE_TAG="latest"
|
IMAGE_TAG="${{ needs.build.outputs.image_tag || 'latest' }}"
|
||||||
|
|
||||||
|
if [ -z "$IMAGE_TAG" ] || [ "$IMAGE_TAG" = "null" ]; then
|
||||||
|
IMAGE_TAG="latest"
|
||||||
|
fi
|
||||||
|
|
||||||
FULL_IMAGE="${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}"
|
FULL_IMAGE="${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG}"
|
||||||
STACK_PATH="~/deployment/stacks/staging"
|
STACK_PATH="~/deployment/stacks/staging"
|
||||||
|
|||||||
@@ -2,9 +2,9 @@ name: Security Vulnerability Scan
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [ main, develop ]
|
branches: [ main, staging, develop ]
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [ main, develop ]
|
branches: [ main, staging, develop ]
|
||||||
schedule:
|
schedule:
|
||||||
# Daily security scan at 2 AM UTC
|
# Daily security scan at 2 AM UTC
|
||||||
- cron: '0 2 * * *'
|
- cron: '0 2 * * *'
|
||||||
|
|||||||
Reference in New Issue
Block a user