From b7d091c84a1c2b1b3158a0f93235e0861c9ddf52 Mon Sep 17 00:00:00 2001
From: Clemens Hering <clemens.hering@valtrix.systems>
Date: Sat, 15 Nov 2025 08:24:31 +0100
Subject: [PATCH] Added pipeline image scan

---
 .gitea/workflows/image-scan.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.gitea/workflows/image-scan.yaml b/.gitea/workflows/image-scan.yaml
index e545228..cc9ef5e 100644
--- a/.gitea/workflows/image-scan.yaml
+++ b/.gitea/workflows/image-scan.yaml
@@ -19,6 +19,18 @@ jobs:
       SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
 
     steps:
+      - name: Setup SSH for git/scp
+        shell: bash
+        run: |
+          install -m 700 -d ~/.ssh
+          printf "%s\n" "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519
+          chmod 600 ~/.ssh/id_ed25519
+          printf "%s\n" "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts || true
+          chmod 644 ~/.ssh/known_hosts
+          # Ensure host keys exist
+          (ssh-keygen -F "$TARGET_HOST" >/dev/null || ssh-keyscan -H "$TARGET_HOST" >> ~/.ssh/known_hosts) || true
+          (ssh-keygen -F gitea.smb-corp.de >/dev/null || ssh-keyscan -H gitea.smb-corp.de >> ~/.ssh/known_hosts) || true
+          
       - name: Build container on target host
         shell: bash
         run: |