Merge pull request #219 from NipunaRanasinghe/main

Use centralized workflow for trivy scan
ballerina-platform · Apr 19, 2024 · bea4a03 · bea4a03
2 parents 993ebec + 5f55589
commit bea4a03
Showing 1 changed file with 8 additions and 30 deletions.
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -1,35 +1,13 @@
 name: Trivy
 
 on:
-  workflow_call:
+  workflow_dispatch:
+  schedule:
+    - cron:  "30 20 * * *"
 
 jobs:
-  ubuntu-build:
-    name: Build on Ubuntu
-    runs-on: ubuntu-latest
-    if: github.repository_owner == 'ballerina-platform'
-    steps:
-      - uses: actions/checkout@v3
-      - name: Set up JDK 17
-        uses: actions/setup-java@v3
-        with:
-          distribution: "temurin"
-          java-version: 17.0.7
-
-      - name: Build with Gradle
-        env:
-          packageUser: ${{ github.actor }}
-          packagePAT: ${{ secrets.GITHUB_TOKEN }}
-        run: ./gradlew build -x check -x test
-
-      - name: Create lib directory if not exists
-        run: mkdir -p ballerina/lib
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: "rootfs"
-          scan-ref: "/github/workspace/ballerina/lib"
-          format: "table"
-          timeout: "10m0s"
-          exit-code: "1"
+  call_workflow:
+    name: Run Trivy Scan Workflow
+    if: ${{ github.repository_owner == 'ballerina-platform' }}
+    uses: ballerina-platform/ballerina-library/.github/workflows/trivy-scan-template.yml@main
+    secrets: inherit