ci: refresh workflow (re-run pipelines)

2026-05-29 21:19:56 -05:00 · 2026-05-29 21:19:56 -05:00 · d876a67244
commit d876a67244
parent 4fd6c4f24c
1 changed files with 8 additions and 3 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@ -1,5 +1,5 @@
 ---
-# ci-sync: 2026-05-30T01:31:07Z
+# ci-sync: 2026-05-30T02:20:03Z
 # Homelab CI — Docker/heavy lane (git-ci-02)
 name: CI

@ -42,7 +42,8 @@ jobs:
          for f in Dockerfile docker/**/Dockerfile */Dockerfile; do
            [ -f "$f" ] || continue
            found=1
-            docker run --rm -i hadolint/hadolint < "$f"
+            # Warnings (unpinned apt/pip) are advisory; only errors fail the job
+            docker run --rm -i hadolint/hadolint hadolint --failure-threshold error - < "$f"
          done
          [ "$found" -eq 1 ] || echo "No Dockerfile — skip hadolint"

@ -60,5 +61,9 @@ jobs:
          fetch-depth: 0
      - name: Gitleaks
        run: |
+          extra=""
+          if [ -f .gitleaks.toml ]; then
+            extra="--config /repo/.gitleaks.toml"
+          fi
          docker run --rm -v "$PWD:/repo" ghcr.io/gitleaks/gitleaks:latest \
-            detect --source /repo --no-banner --redact
+            detect --source /repo --no-banner --redact ${extra}