docker-glpi/.gitea/workflows/vulnscan.yaml

name: Vulnerability Scan

on:
  schedule:
    - cron: '0 14 * * *'

jobs:
  scan:
    name: Daily Vulnerability Scan
    runs-on: ubuntu-latest
    steps:
      - name: Pull docker image
        run: docker pull docker.asperti.com/paspo/glpi:latest

      - name: Run Trivy vulnerability scanner
        id: scan
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: 'docker.asperti.com/paspo/glpi:latest'
          format: 'json'
          output: 'trivy-results.json'

      - name: check output
        run: if [ $(jq '.Results[0].Vulnerabilities|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi
test vulnscan action 2023-10-30 10:34:34 +00:00			`name: Vulnerability Scan`

			`on:`
			`schedule:`
			`- cron: '0 14 * * *'`

			`jobs:`
			`scan:`
			`name: Daily Vulnerability Scan`
			`runs-on: ubuntu-latest`
			`steps:`
			`- name: Pull docker image`
			`run: docker pull docker.asperti.com/paspo/glpi:latest`

			`- name: Run Trivy vulnerability scanner`
			`id: scan`
			`uses: aquasecurity/trivy-action@master`
			`with:`
			`image-ref: 'docker.asperti.com/paspo/glpi:latest'`
test vulnscan action 2023-10-30 10:57:51 +00:00			`format: 'json'`
			`output: 'trivy-results.json'`
test vulnscan action 2023-10-30 10:34:34 +00:00
			`- name: check output`
test vulnscan action 2023-10-30 10:57:51 +00:00			`run: if [ $(jq '.Results[0].Vulnerabilities\|length' trivy-results.json) -ne "0" ] ; then exit 1 ; fi`