trivy-cron.yaml

---
name: Docker Image Trivy Image Vulnerability Scan Cron Job
on:
  schedule:
    # Runs "at 2 a.m. past every day" (see https://crontab.guru)
    - cron: '0 2 * * *'
permissions:
  # required for all workflows
  security-events: write
  # only required for workflows in private repositories
  actions: read
  contents: read

# Multi Image Repro GHA
jobs:
  trivy_image_scan_cron:
    strategy:
      matrix:
        image:
          - infra-tools
          - dbcmetrics
          - awx-ee
    uses: hpi-schul-cloud/infra-tools/.github/workflows/trivy-scan.yaml@master
    with:
      image-ref: 'docker.io/schulcloud/${{ matrix.image }}:latest'

# Template Single Image Repro GHA
# jobs:
#   trivy_image_scan_cron:
#     uses: hpi-schul-cloud/infra-tools/.github/workflows/trivy-scan.yaml@OPS-3814-add-Image-Vulnerability-Scanning
#     # uses: hpi-schul-cloud/infra-tools/.github/workflows/trivy-scan.yaml@master
#     with:
#       image-ref: 'docker.io/schulcloud/<IMAGE_NAME>:latest'