name: Vulnerability Scan

on:
  schedule:
    - cron: '0 14 * * *'

jobs:
  scan:
    name: Daily Vulnerability Scan
    runs-on: ubuntu-latest
    steps:
      - name: Pull docker image
        run: docker pull docker.asperti.com/paspo/glpi:latest

      - name: Run Trivy vulnerability scanner
        id: scan
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: 'docker.asperti.com/paspo/glpi:latest'
          format: 'sarif'
          output: 'trivy-results.sarif'

      - name: check output
        env:
          AAA: ${{ steps.scan.outputs }}
        run: echo ""