kyverno/.github/workflows/devcontainer-build.yaml

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json

name: Build devcontainer

permissions: {}

on:
  pull_request:
    branches:
      - 'main'
      - 'release*'

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  devcontainer-build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
      - name: Build devcontainer image
        run: docker build .devcontainer   
      - name: Trivy Scan Image
        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
        with:
          scan-type: 'fs'
          ignore-unfixed: true
          format: 'sarif'
          output: 'trivy-results.sarif'
          severity: 'CRITICAL,HIGH'
        env:
          # Trivy is returning TOOMANYREQUESTS
          # See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577
          TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
chore: configure gh workflows schemas (#9535) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2024-01-27 23:32:42 +01:00			`# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json`

feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`name: Build devcontainer`

			`permissions: {}`

			`on:`
			`pull_request:`
			`branches:`
			`- 'main'`
			`- 'release*'`

			`concurrency:`
			`group: ${{ github.workflow }}-${{ github.ref }}`
			`cancel-in-progress: true`

			`jobs:`
			`devcontainer-build:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- name: Checkout`
chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#11244) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2024-09-26 07:36:19 +00:00			`uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0`
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`- name: Build devcontainer image`
			`run: docker build .devcontainer`
			`- name: Trivy Scan Image`
chore(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 (#10631) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.23.0 to 0.24.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/7c2007bcb556501da015201bcba5aa14069b74e2...6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2024-07-12 08:42:47 +00:00			`uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0`
feat: adds ci test for building devcontainer image (#8672) * feat: adds ci test for building devcontainer image Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * nit: update name of gh action Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> * feat: tweak on variable Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> --------- Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com> 2023-10-17 20:11:57 +05:30			`with:`
			`scan-type: 'fs'`
			`ignore-unfixed: true`
			`format: 'sarif'`
			`output: 'trivy-results.sarif'`
			`severity: 'CRITICAL,HIGH'`
fix: use aws mirror of trivy db to fix rate limiter issue (#11342) Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com> 2024-10-07 18:09:28 +05:30			`env:`
			`# Trivy is returning TOOMANYREQUESTS`
			`# See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577`
			`TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'`