From f9e0a537a2d54a8d83d22feb9cd4b6dc536b49c9 Mon Sep 17 00:00:00 2001
From: Kai Reichart <kai.reichart@t-systems.com>
Date: Thu, 28 Nov 2024 14:15:48 +0100
Subject: [PATCH] added trivy

---
 .github/workflows/build.yaml | 9 +++++++++
 trivy/Dockerfile             | 3 +++
 2 files changed, 12 insertions(+)
 create mode 100644 trivy/Dockerfile

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 5df917f..21d7b63 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -28,3 +28,12 @@ jobs:
       registry: 'forgejo.edf-bootstrap.cx.fg1.ffm.osc.live'
       username: ${{ secrets.REGISTRY_USERNAME }}
       password: ${{ secrets.REGISTRY_PASSWORD }}
+  build-trivy:
+    uses: DevFW-CICD/build/.github/workflows/build-docker.yml@main
+    with:
+      dockerfile: './Dockerfile'
+      context: './trivy'
+      tag: 'forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/pipeline-container/trivy:0.56.2'
+      registry: 'forgejo.edf-bootstrap.cx.fg1.ffm.osc.live'
+      username: ${{ secrets.REGISTRY_USERNAME }}
+      password: ${{ secrets.REGISTRY_PASSWORD }}
diff --git a/trivy/Dockerfile b/trivy/Dockerfile
new file mode 100644
index 0000000..0780d4e
--- /dev/null
+++ b/trivy/Dockerfile
@@ -0,0 +1,3 @@
+FROM --platform=linux/amd64 aquasec/trivy:0.56.2
+
+RUN apk add --no-cache git