From 866db673af8cf23f2e817ef31b6f748be81853ff Mon Sep 17 00:00:00 2001
From: Felix Scholze <felix@webshaped.de>
Date: Fri, 28 Feb 2025 16:15:42 +0100
Subject: [PATCH] ci: onyl build arm64; fix image-ref for Trivy

---
 .github/workflows/docker-build.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 5556512..8b9f2cc 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -68,7 +68,8 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          # platforms: linux/amd64,linux/arm64
+          platforms: linux/arm64
           push: false
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
@@ -76,7 +77,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.28.0
         with:
-          image-ref: "ghcr.io/${{ github.repository }}:${{ steps.meta.outputs.tags }}"
+          image-ref: "ghcr.io/${{ github.repository }}:${{ github.sha }}"
           format: "sarif"
           output: "trivy-results.sarif"
 
@@ -90,7 +91,8 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          # platforms: linux/amd64,linux/arm64
+          platforms: linux/arm64
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}