diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml index 3940b7f..a72cb61 100644 --- a/.forgejo/workflows/ci.yml +++ b/.forgejo/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: - name: Setup OpenTofu run: | if ! command -v tofu &> /dev/null; then - curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash + curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash -s -- --install-method standalone fi - name: Terraform Format Check @@ -62,8 +62,8 @@ jobs: - name: Install Ansible run: | if ! command -v ansible &> /dev/null; then - sudo apt-get update - sudo apt-get install -y ansible + apt-get update + apt-get install -y ansible fi - name: Ansible Syntax Check @@ -97,7 +97,7 @@ jobs: run: | if ! command -v kubectl &> /dev/null; then curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" - sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl + install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl fi - name: Validate Kubernetes Manifests @@ -110,7 +110,7 @@ jobs: if ! command -v kubeconform &> /dev/null; then wget https://github.com/yannh/kubeconform/releases/latest/download/kubeconform-linux-amd64.tar.gz tar xf kubeconform-linux-amd64.tar.gz - sudo mv kubeconform /usr/local/bin/ + mv kubeconform /usr/local/bin/ fi - name: Kubeconform Validation @@ -128,10 +128,10 @@ jobs: - name: Install Trivy run: | if ! command -v trivy &> /dev/null; then - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - - echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list - sudo apt-get update - sudo apt-get install -y trivy + wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | apt-key add - + echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | tee -a /etc/apt/sources.list.d/trivy.list + apt-get update + apt-get install -y trivy fi - name: Run Trivy IaC Scan