feat: remove trivy workflow

2025-12-27 09:14:35 +01:00 · 2022-09-08 23:03:17 +02:00
parent 141eeffe8f
commit b5cc61ba8e
1 changed files with 0 additions and 72 deletions
--- a/.github/workflows/scan-containers.yaml
+++ b/.github/workflows/scan-containers.yaml
@@ -1,72 +0,0 @@
---
-name: Scan Containers
-
-on: # yamllint disable-line rule:truthy
-  pull_request:
-    branches:
-      - main
-    paths:
-      - "cluster/**.yaml"
-      - "ansible/**.yml.j2"
-
-jobs:
-  detect-file-changes:
-    name: Detect File Changes
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: dorny/paths-filter@v2
-        id: filter
-        with:
-          list-files: json
-          filters: |
-            yaml:
-              - added|modified: "**.yaml"
-              - added|modified: "**.yml"
-              - added|modified: "**.yaml.j2"
-              - added|modified: "**.yml.j2"
-    outputs:
-      yaml_files: ${{ steps.filter.outputs.yaml_files }}
-  detect-containers:
-    name: Detect Containers
-    runs-on: ubuntu-latest
-    needs: detect-file-changes
-    strategy:
-      matrix:
-        file: ${{ fromJSON(needs.detect-file-changes.outputs.yaml_files) }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Install Jo
-        run: |
-          sudo apt-get install jo
-      - name: Detect Containers in Files
-        id: containers
-        run: |
-          containers=$(.github/scripts/container-parser.sh --file "${{ matrix.file }}")
-          echo "${containers}"
-          echo ::set-output name=containers::${containers}
-    outputs:
-      containers: ${{ steps.containers.outputs.containers }}
-  scan-containers:
-    name: Scan Containers
-    runs-on: ubuntu-latest
-    needs: detect-containers
-    strategy:
-      matrix: ${{ fromJSON(needs.detect-containers.outputs.containers) }}
-      fail-fast: false
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Scan Container
-        uses: aquasecurity/trivy-action@0.7.1
-        with:
-          image-ref: ${{ matrix.containers }}
-          vuln-type: os,library
-          severity: CRITICAL,HIGH
-          format: sarif
-          output: trivy-results.sarif
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: trivy-results.sarif