Merge pull request 'ci(deploy): increase trivy image scan timeout to 30m' (#141 ) from fix/deploy-trivy-image-timeout into main

Merge pull request #141: ci(deploy): increase trivy image scan timeout to 30m
ci(deploy): increase trivy image scan timeout to 30m
2026-06-13 20:28:21 +03:00 · 2026-06-13 20:24:23 +03:00 · 2026-06-13 20:24:07 +03:00 · 2026-06-13 19:32:15 +03:00 · 2026-06-13 19:29:57 +03:00 · 2026-06-13 18:43:40 +03:00
1 changed files with 17 additions and 1 deletions
@@ -70,6 +70,13 @@ jobs:
    needs: build-and-push
    runs-on: ubuntu-latest
    steps:
+      - name: Login to Gitea Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: git.codeanddice.ru
+          username: toutsu
+          password: ${{ secrets.GIT_TOKEN }}
+
      - name: Install Trivy
        run: |
          # Install Trivy from the official Docker image instead of the
@@ -78,7 +85,7 @@ jobs:
          #      GitHub releases API; when a release is unpublished or
          #      yanked, the script fails with
          #      `unable to find '<tag>' - use 'latest' or see ...`
-          #      even when the release once existed. We hit this with
+          #      when the release once existed. We hit this with
          #      v0.71.0.
          #   2. Docker Hub tags are content-addressed and rarely
          #      removed, so a pinned image tag is much more stable.
@@ -94,9 +101,16 @@ jobs:
          chmod +x /usr/local/bin/trivy
          trivy --version

+      - name: Pull images for scan
+        run: |
+          docker pull git.codeanddice.ru/toutsu/gmrelay-bot:${{ env.VERSION }}
+          docker pull git.codeanddice.ru/toutsu/gmrelay-discord-bot:${{ env.VERSION }}
+          docker pull git.codeanddice.ru/toutsu/gmrelay-web:${{ env.VERSION }}
+
      - name: Scan Bot image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
@@ -105,6 +119,7 @@ jobs:
      - name: Scan Discord Bot image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
@@ -113,6 +128,7 @@ jobs:
      - name: Scan Web image
        run: |
          trivy image \
+            --timeout 30m \
            --severity HIGH,CRITICAL \
            --exit-code 1 \
            --format table \
Author	SHA1	Message	Date
Toutsu	d137c334d6	Merge pull request 'ci(deploy): increase trivy image scan timeout to 30m' (#141 ) from fix/deploy-trivy-image-timeout into main Deploy Telegram Bot / build-and-push (push) Successful in 6m5s Details Deploy Telegram Bot / scan-images (push) Successful in 9m39s Details Deploy Telegram Bot / deploy (push) Successful in 2m9s Details Merge pull request #141: ci(deploy): increase trivy image scan timeout to 30m	2026-06-13 20:28:21 +03:00
Toutsu	27f9ceb038	ci(deploy): increase trivy image scan timeout to 30m PR Checks / test-and-build (pull_request) Successful in 27m45s Details Slow ARM64 runners hit the default timeout while initializing the container image scan after pulling. Extend the timeout so image scans can complete reliably.	2026-06-13 20:24:23 +03:00
Toutsu	f53c1f6aae	Merge branch 'main' of ssh://git.codeanddice.ru:222/Toutsu/GmRelayBot	2026-06-13 20:24:07 +03:00
Toutsu	e59b0a78fd	Merge pull request 'ci(deploy): login and pull images before Trivy scan' (#140 ) from fix/deploy-scan-pull-images into main Deploy Telegram Bot / build-and-push (push) Successful in 4m21s Details Deploy Telegram Bot / scan-images (push) Successful in 9m18s Details Deploy Telegram Bot / deploy (push) Successful in 1m10s Details Merge pull request #140: ci(deploy): login and pull images before Trivy scan	2026-06-13 19:32:15 +03:00
Toutsu	b952be23eb	ci(deploy): login and pull images before Trivy scan PR Checks / test-and-build (pull_request) Successful in 32m3s Details The scan-images job runs on a fresh runner that does not have the images built by the build-and-push job. Login to the registry and pull the images before scanning, otherwise Trivy cannot find them.	2026-06-13 19:29:57 +03:00
Toutsu	4054d49ccb	Merge pull request 'feat(rendering): display description, system, duration, format, type and location in Telegram game card' (#139 ) from feature/telegram-game-card-fields into main Deploy Telegram Bot / build-and-push (push) Successful in 3m51s Details Deploy Telegram Bot / scan-images (push) Failing after 8m4s Details Deploy Telegram Bot / deploy (push) Has been skipped Details Merge pull request #139: feat(rendering): display description, system, duration, format, type and location in Telegram game card Bump version to 3.11.0.	2026-06-13 18:43:40 +03:00