ci: add timeout-minutes, pin trivy action version

bakerboy448 · bakerboy448 · commit 7ab5a5855f36 · 2026-03-14T15:49:39.000-05:00
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -29,6 +29,7 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
+    timeout-minutes: 15
     permissions:
       contents: write
       packages: write
@@ -103,14 +104,15 @@ jobs:
   security-scan:
     needs: build
     runs-on: ubuntu-latest
+    timeout-minutes: 15
     if: github.event_name != 'pull_request'
     permissions:
       contents: read
       security-events: write
 
     steps:
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.build.outputs.image-tag }}
           format: 'sarif'
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -9,6 +9,7 @@ on:
 jobs:
   pre-commit:
     runs-on: ubuntu-latest
+    timeout-minutes: 10
     steps:
       - uses: actions/checkout@v6
       - uses: actions/setup-python@v5
