Patrick Plate
ad7f4e2b1c
CI — Build, Lint & Security Scan / backend (push) Failing after 1m54s
CI — Build, Lint & Security Scan / image-scan (push) Has been cancelled
CI — Build, Lint & Security Scan / frontend (push) Has been cancelled
CI — Build, Lint & Security Scan / secrets-scan (push) Has been cancelled
Deploy to TrueNAS / deploy (push) Has been cancelled
New CI workflow (.gitea/workflows/ci.yml) runs on every push to main: - Backend: Maven compile + test + OWASP Dependency-Check (fails on CVSS>=7) - Frontend: pnpm lint + type-check + pnpm audit (fails on High/Critical) - Docker image scan: Trivy for both backend/frontend images (High/Critical) - Secrets detection: Gitleaks full-repo scan Deploy workflow remains independent (self-hosted runner limitation). Both workflows run in parallel on push to main.