From 315dd6bca734f55a30b84b9677360d30e60d9899 Mon Sep 17 00:00:00 2001
From: Josh
Date: Fri, 8 Aug 2025 13:26:13 +0000
Subject: [PATCH] pipline rewrite v4
---
.woodpecker.yml | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/.woodpecker.yml b/.woodpecker.yml
index b365075..09e2a51 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -11,20 +11,15 @@ steps: - -c - | set -euo pipefail - # Get the image tag from the same secret you already use + IMG_TAG=$(gcloud secrets versions access latest --secret=IMG_TAG --project=aptivaai-dev) REG=us-central1-docker.pkg.dev/aptivaai-dev/aptiva-repo - # Install Trivy (keeps your flow, no extra images) apt-get update -qq - apt-get install -y -qq gnupg apt-transport-https curl - curl -fsSL https://aquasecurity.github.io/trivy-repo/deb/public.key \ - | gpg --dearmor -o /usr/share/keyrings/trivy.gpg - echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb stable main" \ - > /etc/apt/sources.list.d/trivy.list - apt-get update -qq && apt-get install -y -qq trivy + apt-get install -y -qq gnupg apt-transport-https curl ca-certificates docker.io + + curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | bash - # Auth to Artifact Registry so Trivy can pull manifests gcloud auth configure-docker us-central1-docker.pkg.dev -q trivy image --exit-code 1 --severity CRITICAL $REG/server1:$IMG_TAG
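Review bot: The added `curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | bash` line executes an unpinned script from the `main` branch with no signature or checksum check, in the same step that reads a secret via `gcloud secrets versions access` and authenticates to Artifact Registry. The removed lines installed Trivy from an apt repository bound to a signing key with `signed-by`, so this change drops the only integrity check on the scanner and makes the scanner version float between runs. Either keep the signed-repo install or pin both the installer and the release, e.g. `curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/<PINNED_TAG>/contrib/install.sh | sh -s -- -b /usr/local/bin <PINNED_TAG>` (placeholders), ideally saving the script to a file and checking its SHA-256 before running it. The installer's default target appears to be `./bin` rather than a directory on `PATH`, so without `-b` the later `trivy image` call may not find the binary; worth confirming. The step definition begins above this hunk.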