From 33ca4270e9784e4129a4c61938fbcb9f2850a92f Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 19 Feb 2026 20:26:04 +0000 Subject: [PATCH] fix(ci): add missing -y flags and fix trivy command in release pipeline - Add -y to apt install calls for dive and wget/gnupg in install_tools.sh to prevent interactive prompts blocking the CI runner - Remove extra positional image name argument from trivy --input command in release.yaml; --input already specifies the archive to scan https://claude.ai/code/session_01AsbB8zCyMJ9WGHvkvuSHHg --- .github/workflows/release.yaml | 3 +-- scripts/install_tools.sh | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 73d9f06..9582da4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -109,8 +109,7 @@ jobs: trivy image \ --input "build/${IMAGE_NAME}.tar" \ --severity HIGH,CRITICAL \ - --exit-code 1 \ - "${IMAGE_NAME}:${IMAGE_VERSION}" + --exit-code 1 - name: Login to GHCR env: diff --git a/scripts/install_tools.sh b/scripts/install_tools.sh index 342355f..177eaab 100755 --- a/scripts/install_tools.sh +++ b/scripts/install_tools.sh @@ -9,11 +9,11 @@ set -eo pipefail DIVE_VERSION=$(curl -sL "https://api.github.com/repos/wagoodman/dive/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/') log_info "Installing dive v${DIVE_VERSION}" curl -OL https://github.com/wagoodman/dive/releases/download/v${DIVE_VERSION}/dive_${DIVE_VERSION}_linux_amd64.deb -sudo apt install ./dive_${DIVE_VERSION}_linux_amd64.deb +sudo apt install -y ./dive_${DIVE_VERSION}_linux_amd64.deb rm dive_${DIVE_VERSION}_linux_amd64.deb # Install trivy -sudo apt-get install wget gnupg +sudo apt-get install -y wget gnupg wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null TRIVY_REPO_LINE="deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" TRIVY_LIST_FILE="/etc/apt/sources.list.d/trivy.list"