From d3e92c732fc360f4f18874f9add5f8d317daf05a Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Mon, 12 Jun 2023 23:10:24 +0200
Subject: [PATCH] ci: Move Trivy checks after build

in order to scan built binaries too

Signed-off-by: Knut Ahlers <knut@ahlers.me>
---
 .github/workflows/test-and-build.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/test-and-build.yml b/.github/workflows/test-and-build.yml
index 130977e..dfc8ec6 100644
--- a/.github/workflows/test-and-build.yml
+++ b/.github/workflows/test-and-build.yml
@@ -54,9 +54,6 @@ jobs:
         run: |
           go test -v ./...
 
-      - name: Execute Trivy scan
-        run: make trivy
-
       - name: Build release
         run: make publish
         env:
@@ -65,6 +62,9 @@ jobs:
           NO_TESTS: 'true'
           PACKAGES: '.'
 
+      - name: Execute Trivy scan
+        run: make trivy
+
       - name: Extract changelog
         run: 'awk "/^#/ && ++c==2{exit}; /^#/f" "History.md" | tail -n +2 >release_changelog.md'