From 8657175d7a5e952863f8bdfe18c583475a922b4b Mon Sep 17 00:00:00 2001
From: chris <christiansteinle@arcor.de>
Date: Fri, 8 Mar 2024 13:59:08 +0100
Subject: [PATCH] Test trivy with tar output.

---
 .gitea/workflows/release.yml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index d4faa23..9e0e860 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -43,5 +43,12 @@ jobs:
         with:
           tags: cs-git.ddnss.de/ri-st/startup:latest
           push: true
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          outputs: type=docker,dest=/tmp/startup.tar
+
+      - name: Check with trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-ref: '/tmp/startup.tar'
+          scan-type: 'fs'
+          format: 'table'
+          vuln-type: 'os,library'