Delete general.security-scan.yaml

Signed-off-by: Kjeld Schouten-Lebbing <kjeld@schouten-lebbing.nl>
2022-12-26 20:47:01 +01:00 · 2022-12-26 20:47:01 +01:00 · a8900e9b64
parent 0cbd67257a
commit a8900e9b64
1 changed files with 0 additions and 61 deletions
--- a/.github/workflows/general.security-scan.yaml
+++ b/.github/workflows/general.security-scan.yaml
@ -1,61 +0,0 @@
-name: "General: Security Scan"
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - master
-    paths:
-      - ".github/workflows/general.security-scan.yaml"
-  schedule:
-    - cron: "0 0 * * 0"
-
-jobs:
-  directories: # Job that list subdirectories
-    runs-on: ubuntu-latest
-    outputs:
-      dir: ${{ steps.set-dirs.outputs.dir }} # generate output name dir by using inner step output
-    steps:
-      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
-        with:
-          token: ${{ secrets.BOT_TOKEN }}
-      - id: set-dirs # Give it an id to handle to get step outputs in the outputs key above
-        run: echo "::set-output name=dir::$({ ls -d containers/apps/*/ & ls -d containers/base/*/; } | tr '\n' '\0' | xargs -0 -n 1 basename | jq -R -s -c 'split("\n")[:-1]')"
-        # Define step output named dir base on ls command transformed to JSON thanks to jq
-
-  scan_files:
-    name: Scan Files
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
-
-      - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@master
-        with:
-          scan-type: "fs"
-          ignore-unfixed: true
-          format: "template"
-          template: "@/contrib/sarif.tpl"
-          output: "trivy-repo-results.sarif"
-          severity: "CRITICAL"
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@959cbb7472c4d4ad70cdfe6f4976053fe48ab394 # v2
-        with:
-          sarif_file: "trivy-repo-results.sarif"
-
-  scan_containers:
-    name: Scan Containers
-    runs-on: ubuntu-20.04
-    needs: [directories] # Depends on previous job
-    strategy:
-      matrix:
-        dir: ${{fromJson(needs.directories.outputs.dir)}} # List matrix strategy from directories dynamically
-      fail-fast: false
-    steps:
-      - name: Container Security scan
-        uses: Azure/container-scan@f9af925b897d8af5f7e0026b8bca9346261abc93 # tag=v0
-        with:
-          image-name: ghcr.io/${{ github.repository_owner }}/${{matrix.dir}}:latest
-          severity-threshold: HIGH