ci: add schedule for trivy scans

goss-org / goss

Quick and Easy server testing/validation

https://goss.rocks

Apache License 2.0

5.58k stars 470 forks source link

ci: add schedule for trivy scans #944

Open dklimpel opened 3 months ago

dklimpel commented 3 months ago

Checklist

[x] make test-all (UNIX) passes. CI will also test this
[x] unit and/or integration tests are included (if applicable)
[ ] documentation is changed or added (if applicable)

Description of change

A schedule task to scan latest container image (with latest tagged binary).

At the moment there is no latest image and this PR has to wait for next tagged version.

aelsabbahy commented 2 months ago

I'm thinking of cutting a release this weekend to address the open CVE, also thinking of getting one last release in before the Travis cutover.. in case we run into unexpected turbulence.

I assume this PR will have to wait until after the release?

dklimpel commented 2 months ago

I assume this PR will have to wait until after the release?

Yes.

also thinking of getting one last release in before the Travis cutover.. in case we run into unexpected turbulence

Sounds good.