woodpecker/.woodpecker/securityscan.yml
Patrick Schratz e3bcdbecfa
Add tests on renovate branches (#2798)
This sets the scene for a potential automerge of dev deps when tests
pass.

What is still missing is that somebody triggers the CI run (or a
whitelist for it).

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-11-11 21:35:48 +01:00

37 lines
725 B
YAML

version: 1
when:
- event: [pull_request, cron]
- event: push
branch:
- ${CI_REPO_DEFAULT_BRANCH}
- release/*
- renovate/*
variables:
- &trivy_image aquasec/trivy:0.46.1
- &trivy_plugin woodpeckerci/plugin-trivy:1.0.1
steps:
check backend:
group: check
image: *trivy_plugin
settings:
skip-dirs: web/,docs/
check docs:
group: check
image: *trivy_plugin
settings:
skip-dirs: node_modules/,plugins/woodpecker-plugins/node_modules/
dir: docs/
when:
event: [pull_request, push, cron]
branch: ${CI_REPO_DEFAULT_BRANCH}
check web:
group: check
image: *trivy_plugin
settings:
skip-dirs: node_modules/
dir: web/