From aece2d739d4c222f386ea33f6860959963555262 Mon Sep 17 00:00:00 2001
From: devitway
Date: Mon, 23 Feb 2026 14:01:31 +0000
Subject: [PATCH] ci: add registry credentials to trivy image scan
---
 .github/workflows/release.yml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f4299a9..205756b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -110,6 +110,9 @@ jobs:
 output: trivy-image-${{ matrix.name }}.sarif
 severity: HIGH,CRITICAL
 exit-code: 0 # warn only; change to 1 to block on vulnerabilities
+ env:
+ TRIVY_USERNAME: ${{ github.actor }}
+ TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
 - name: Upload Trivy image results to GitHub Security tab
 uses: github/codeql-action/upload-sarif@v3
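Review bot: The new `env:` block puts `secrets.GITHUB_TOKEN` into the environment of the Trivy scan step, but nothing in the hunk bounds what that token can do or which action code receives it. The step's `uses:` line, its `image-ref` and the job's `permissions:` all sit outside the hunk. Please confirm that the job declares least-privilege permissions (presumably `packages: read` for the pull and `security-events: write` for the SARIF upload, nothing broader). Also confirm that the scan action is pinned to a full commit SHA rather than a mutable tag such as the `@v3` visible on the upload step. These credentials are presumably sent to whichever registry hosts the scanned image, so it is worth checking that every `matrix` entry resolves to the project's own registry. A short comment above `env:` would record the intent, for example `# registry auth so Trivy can pull the private image; token needs packages: read only`.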