ci(deploy): increase trivy image scan timeout to 30m

Slow ARM64 runners hit the default timeout while initializing the container image scan after pulling. Extend the timeout so image scans can complete reliably.
Merge branch 'main' of ssh://git.codeanddice.ru:222/Toutsu/GmRelayBot
2026-06-13 20:24:23 +03:00 · 2026-06-13 20:24:07 +03:00 · 2026-06-13 19:32:15 +03:00 · 2026-06-13 19:29:57 +03:00 · 2026-06-13 18:43:40 +03:00
1 changed files with 17 additions and 1 deletions
@@ -70,6 +70,13 @@ jobs:
    needs: build-and-push
    runs-on: ubuntu-latest
    steps:
+      - name: Login to Gitea Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: git.codeanddice.ru
+          username: toutsu
+          password: ${{ secrets.GIT_TOKEN }}
+
      - name: Install Trivy
        run: |
          # Install Trivy from the official Docker image instead of the
@@ -78,7 +85,7 @@ jobs:
          #      GitHub releases API; when a release is unpublished or
          #      yanked, the script fails with
          #      `unable to find '<tag>' - use 'latest' or see ...`
-          #      even when the release once existed. We hit this with
+          #      when the release once existed. We hit this with
          #      v0.71.0.
          #   2. Docker Hub tags are content-addressed and rarely
          #      removed, so a pinned image tag is much more stable.
@@ -94,9 +101,16 @@ jobs:
          chmod +x /usr/local/bin/trivy
          trivy --version

+      - name: Pull images for scan
+        run: |
+          docker pull git.codeanddice.ru/toutsu/gmrelay-bot:${{ env.VERSION }}
+          docker pull git.codeanddice.ru/toutsu/gmrelay-discord-bot:${{ env.VERSION }}
+          docker pull git.codeanddice.ru/toutsu/gmrelay-web:${{ env.VERSION }}
+
      - name: Scan Bot image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
@@ -105,6 +119,7 @@ jobs:
      - name: Scan Discord Bot image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
@@ -113,6 +128,7 @@ jobs:
      - name: Scan Web image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
Author	SHA1	Message	Date
Toutsu	27f9ceb038	ci(deploy): increase trivy image scan timeout to 30m PR Checks / test-and-build (pull_request) Successful in 27m45s Details Slow ARM64 runners hit the default timeout while initializing the container image scan after pulling. Extend the timeout so image scans can complete reliably.	2026-06-13 20:24:23 +03:00
Toutsu	f53c1f6aae	Merge branch 'main' of ssh://git.codeanddice.ru:222/Toutsu/GmRelayBot	2026-06-13 20:24:07 +03:00
Toutsu	e59b0a78fd	Merge pull request 'ci(deploy): login and pull images before Trivy scan' (#140 ) from fix/deploy-scan-pull-images into main Deploy Telegram Bot / build-and-push (push) Successful in 4m21s Details Deploy Telegram Bot / scan-images (push) Successful in 9m18s Details Deploy Telegram Bot / deploy (push) Successful in 1m10s Details Merge pull request #140: ci(deploy): login and pull images before Trivy scan	2026-06-13 19:32:15 +03:00
Toutsu	b952be23eb	ci(deploy): login and pull images before Trivy scan PR Checks / test-and-build (pull_request) Successful in 32m3s Details The scan-images job runs on a fresh runner that does not have the images built by the build-and-push job. Login to the registry and pull the images before scanning, otherwise Trivy cannot find them.	2026-06-13 19:29:57 +03:00
Toutsu	4054d49ccb	Merge pull request 'feat(rendering): display description, system, duration, format, type and location in Telegram game card' (#139 ) from feature/telegram-game-card-fields into main Deploy Telegram Bot / build-and-push (push) Successful in 3m51s Details Deploy Telegram Bot / scan-images (push) Failing after 8m4s Details Deploy Telegram Bot / deploy (push) Has been skipped Details Merge pull request #139: feat(rendering): display description, system, duration, format, type and location in Telegram game card Bump version to 3.11.0.	2026-06-13 18:43:40 +03:00