From 585e23f8d337ab4061765632d61348a7b0e96ee9 Mon Sep 17 00:00:00 2001
From: Alex Pyrgiotis <alex.p@freedom.press>
Date: Wed, 4 Dec 2024 18:27:19 +0200
Subject: [PATCH] fixup! ci: Work with image tarballs that are not tagged as
 'latest'

---
 .github/workflows/build.yml         | 4 ++--
 .github/workflows/scan.yml          | 5 ++---
 .github/workflows/scan_released.yml | 5 ++---
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e5e60c7d1..35f9597ff 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -99,5 +99,5 @@ jobs:
           gunzip -c share/container.tar.gz | podman load
           tag=$(cat share/image-id.txt)
           podman push \
-                  dangerzone.rocks/dangerzone \
-                  ${{ env.IMAGE_REGISTRY }}/dangerzone/dangerzone:$tag
+                  dangerzone.rocks/dangerzone:$tag \
+                  ${{ env.IMAGE_REGISTRY }}/dangerzone/dangerzone:tag
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index 0087ac42b..d98510927 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -31,7 +31,7 @@ jobs:
         uses: anchore/scan-action@v5
         id: scan_container
         with:
-          image: "dangerzone.rocks/dangerzone:{{ steps.tag.outputs.tag }}"
+          image: "dangerzone.rocks/dangerzone:${{ steps.tag.outputs.tag }}"
           fail-build: false
           only-fixed: false
           severity-cutoff: critical
@@ -45,8 +45,7 @@ jobs:
       - name: Scan container image
         uses: anchore/scan-action@v5
         with:
-          image: "dangerzone.rocks/dangerzone:{{ steps.tag.outputs.tag }}"
-          fail-build: false
+          image: "dangerzone.rocks/dangerzone:${{ steps.tag.outputs.tag }}"
           fail-build: true
           only-fixed: false
           severity-cutoff: critical
diff --git a/.github/workflows/scan_released.yml b/.github/workflows/scan_released.yml
index 9a353c04c..0333e4925 100644
--- a/.github/workflows/scan_released.yml
+++ b/.github/workflows/scan_released.yml
@@ -35,8 +35,7 @@ jobs:
         uses: anchore/scan-action@v5
         id: scan_container
         with:
-          image: "dangerzone.rocks/dangerzone:{{ steps.tag.outputs.tag }}"
-          fail-build: false
+          image: "dangerzone.rocks/dangerzone:${{ steps.tag.outputs.tag }}"
           fail-build: false
           only-fixed: false
           severity-cutoff: critical
@@ -50,7 +49,7 @@ jobs:
       - name: Scan container image
         uses: anchore/scan-action@v5
         with:
-          image: "dangerzone.rocks/dangerzone:{{ steps.tag.outputs.tag }}"
+          image: "dangerzone.rocks/dangerzone:${{ steps.tag.outputs.tag }}"
           fail-build: true
           only-fixed: false
           severity-cutoff: critical