diff --git a/.github/workflows/ghcr.io.aquasecurity.trivy-operator.0.22.0.yaml b/.github/workflows/ghcr.io.aquasecurity.trivy-operator.0.22.0.yaml new file mode 100644 index 00000000..a8c74ef1 --- /dev/null +++ b/.github/workflows/ghcr.io.aquasecurity.trivy-operator.0.22.0.yaml @@ -0,0 +1,54 @@ +# +# MIT License +# +# (C) Copyright 2023-2024 Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +name: ghcr.io/aquasecurity/trivy-operator:0.22.0 +on: + push: + paths: + - .github/workflows/ghcr.io.aquasecurity.trivy-operator.0.22.0 + - ghcr.io/aquasecurity/trivy-operator/0.22.0/** + workflow_dispatch: +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + env: + CONTEXT_PATH: ghcr.io/aquasecurity/trivy-operator/0.22.0 + DOCKER_REPO: artifactory.algol60.net/csm-docker/${{ github.ref == 'refs/heads/main' && 'stable' || 'unstable' }}/ghcr.io/aquasecurity/trivy-operator + DOCKER_TAG: 0.22.0 + steps: + - name: build-sign-scan + uses: Cray-HPE/github-actions/build-sign-scan@build-sign-scan/v2 + with: + context_path: ${{ env.CONTEXT_PATH }} + docker_repo: ${{ env.DOCKER_REPO }} + docker_tag: ${{ env.DOCKER_TAG }} + docker_username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }} + docker_password: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }} + sign: ${{ github.ref == 'refs/heads/main' }} + cosign_gcp_workload_identity_provider: ${{ secrets.COSIGN_GCP_WORKLOAD_IDENTITY_PROVIDER_RSA }} + cosign_gcp_service_account: ${{ secrets.COSIGN_GCP_SERVICE_ACCOUNT_RSA }} + cosign_key: ${{ secrets.COSIGN_KEY_RSA }} + snyk_token: ${{ secrets.SNYK_TOKEN }} diff --git a/ghcr.io/aquasecurity/trivy-operator/0.22.0/Dockerfile b/ghcr.io/aquasecurity/trivy-operator/0.22.0/Dockerfile new file mode 100644 index 00000000..068480f5 --- /dev/null +++ b/ghcr.io/aquasecurity/trivy-operator/0.22.0/Dockerfile @@ -0,0 +1,24 @@ +# +# MIT License +# +# (C) Copyright [2024] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM ghcr.io/aquasecurity/trivy-operator:0.22.0