pplate/cannamanage
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad7f4e2b1c62b3929b9d4b01949caa0ac25cf7e7
cannamanage/.gitea
T
History
Patrick Plate ad7f4e2b1c
CI — Build, Lint & Security Scan / backend (push) Failing after 1m54s
Details
CI — Build, Lint & Security Scan / image-scan (push) Has been cancelled
Details
CI — Build, Lint & Security Scan / frontend (push) Has been cancelled
Details
CI — Build, Lint & Security Scan / secrets-scan (push) Has been cancelled
Details
Deploy to TrueNAS / deploy (push) Has been cancelled
Details
feat(ci): add security scanning pipeline — OWASP, Trivy, Gitleaks, pnpm audit 
New CI workflow (.gitea/workflows/ci.yml) runs on every push to main:
- Backend: Maven compile + test + OWASP Dependency-Check (fails on CVSS>=7)
- Frontend: pnpm lint + type-check + pnpm audit (fails on High/Critical)
- Docker image scan: Trivy for both backend/frontend images (High/Critical)
- Secrets detection: Gitleaks full-repo scan

Deploy workflow remains independent (self-hosted runner limitation).
Both workflows run in parallel on push to main.
2026-06-19 09:15:20 +02:00
..
workflows
feat(ci): add security scanning pipeline — OWASP, Trivy, Gitleaks, pnpm audit
2026-06-19 09:15:20 +02:00