feat/docker-compose-update (#18)

Co-authored-by: jon brookes <marshyon@gmail.com>
Reviewed-on: https://codeberg.org/headshed/share-lt/pulls/18

.woodpecker/share-lt-build.yaml

@@ -1,6 +1,6 @@
 when:
   - event: push
-    branch: feat/docker-compose-update
+    branch: dev
 steps:
   build-local:
     image: docker:24-dind
@@ -14,10 +14,10 @@ steps:
       - docker pull quay.io/marshyon/share-lt:latest || true
       - echo "Building image for testing (amd64 only for CI compatibility)..."
       - docker build --platform linux/amd64 --cache-from=quay.io/marshyon/share-lt:latest -t share-lt:test .
-      - echo "Tagging test image as quay.io/marshyon/share-lt:v0.0.2..."
-      - docker tag share-lt:test quay.io/marshyon/share-lt:v0.0.2
+      - echo "Tagging test image as quay.io/marshyon/share-lt:v0.0.5..."
+      - docker tag share-lt:test quay.io/marshyon/share-lt:v0.0.5
       - echo "Generating SBOM..."
-      - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/syft:latest scan quay.io/marshyon/share-lt:v0.0.2 -o cyclonedx-json > sbom.json
+      - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/syft:latest scan quay.io/marshyon/share-lt:v0.0.5 -o cyclonedx-json > sbom.json
   scan-vulnerabilities:
     image: aquasec/trivy:0.67.2
     volumes:
@@ -41,7 +41,7 @@ steps:
       repo: quay.io/marshyon/share-lt
       platforms: linux/amd64
       tags:
-        - v0.0.2
+        - v0.0.5
         - latest
       username:
         from_secret: QUAY_USERNAME
@@ -57,5 +57,6 @@ steps:
       COSIGN_REGISTRY_PASSWORD:
         from_secret: QUAY_PASSWORD
     commands:
-      - cosign attach sbom --sbom sbom.json quay.io/marshyon/share-lt:v0.0.2 || echo "SBOM attach failed"
-      - echo "Done - trivy report saved to workspace for manual review"
+      - cosign attach sbom --sbom sbom.json quay.io/marshyon/share-lt:v0.0.5 || echo "SBOM attach failed"
+      - echo "Done - trivy report saved to workspace for manual review"
+