kyverno/.github/workflows/devcontainer-build.yaml

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json

name: Build devcontainer

permissions: {}

on:
  pull_request:
    branches:
      - 'main'
      - 'release*'

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  devcontainer-build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Build devcontainer image
        run: docker build .devcontainer   
      - name: Trivy Scan Image
        uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0
        with:
          scan-type: 'fs'
          ignore-unfixed: true
          format: 'sarif'
          output: 'trivy-results.sarif'
          severity: 'CRITICAL,HIGH'
        env:
          # Trivy is returning TOOMANYREQUESTS
          # See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577
          TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
chore: configure gh workflows schemas (#9535) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2024-01-27 23:32:42 +01:00			`# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json`

feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`name: Build devcontainer`

			`permissions: {}`

			`on:`
			`pull_request:`
			`branches:`
			`- 'main'`
			`- 'release*'`

			`concurrency:`
			`group: ${{ github.workflow }}-${{ github.ref }}`
			`cancel-in-progress: true`

			`jobs:`
			`devcontainer-build:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- name: Checkout`
chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#11464) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871...11bd71901bbe5b1630ceea73d27597364c9af683) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2024-10-24 09:42:17 +00:00			`uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2`
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`- name: Build devcontainer image`
			`run: docker build .devcontainer`
			`- name: Trivy Scan Image`
chore(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 (#11624) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.28.0 to 0.29.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2024-11-20 09:35:46 +00:00			`uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0`
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`with:`
			`scan-type: 'fs'`
			`ignore-unfixed: true`
			`format: 'sarif'`
			`output: 'trivy-results.sarif'`
			`severity: 'CRITICAL,HIGH'`
fix: use aws mirror of trivy db to fix rate limiter issue (#11342) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> 2024-10-07 18:09:28 +05:30			`env:`
			`# Trivy is returning TOOMANYREQUESTS`
			`# See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577`
			`TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'`