ci: Move Trivy checks after build
in order to scan built binaries too Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
1720ebb665
commit
d3e92c732f
GPG key ID:
D91C3E91E4CAD6F5
1 changed files with 3 additions and 3 deletions
6
.github/workflows/test-and-build.yml
vendored
6
.github/workflows/test-and-build.yml
vendored
|
|
@ -54,9 +54,6 @@ jobs:
|
|||
run: |
|
||||
go test -v ./...
|
||||
|
||||
- name: Execute Trivy scan
|
||||
run: make trivy
|
||||
|
||||
- name: Build release
|
||||
run: make publish
|
||||
env:
|
||||
|
|
@ -65,6 +62,9 @@ jobs:
|
|||
NO_TESTS: 'true'
|
||||
PACKAGES: '.'
|
||||
|
||||
- name: Execute Trivy scan
|
||||
run: make trivy
|
||||
|
||||
- name: Extract changelog
|
||||
run: 'awk "/^#/ && ++c==2{exit}; /^#/f" "History.md" | tail -n +2 >release_changelog.md'
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue