pull before trivy

2026-04-30 14:18:00 +03:30
parent b531f55bd0
commit 107a95a100
1 changed files with 6 additions and 0 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -354,6 +354,12 @@ jobs:
            --output sbom-repo.json \
            .

+      - name: Pull the Docker image
+        env:
+          IMAGE_DIGEST: ${{ fromJSON(needs.build-image.outputs.metadata).regular.digest }}
+        run: |
+          docker pull "${{ env.IMAGE }}@${IMAGE_DIGEST}"
+
      - name: Generate image SBOM with Trivy
        env:
          IMAGE_DIGEST: ${{ fromJSON(needs.build-image.outputs.metadata).regular.digest }}