From 3675d1adcc6c6f2a1b218fb32cc173e6f0b38988 Mon Sep 17 00:00:00 2001
From: SonnyBA <SonnyBA@users.noreply.github.com>
Date: Fri, 4 Oct 2024 11:24:34 +0200
Subject: [PATCH] Disable trivy image scan job (#133)

see https://github.com/maykinmedia/objects-api/issues/463
---
 .github/workflows/ci.yml | 23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1eeb4e56..636161e5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -100,29 +100,6 @@ jobs:
           path: image.tar
           retention-days: 1
 
-  image_scan:
-    runs-on: ubuntu-latest
-    name: Scan docker image
-    needs:
-      - docker
-
-    steps:
-      - name: Download built image
-        uses: actions/download-artifact@v3
-        with:
-          name: docker-image
-      - name: Scan image with Trivy
-        uses: aquasecurity/trivy-action@master
-        with:
-          input: /github/workspace/image.tar  # from download-artifact
-          format: 'sarif'
-          output: 'trivy-results-docker.sarif'
-          ignore-unfixed: true
-      - name: Upload results to GH Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: 'trivy-results-docker.sarif'
-
   publish:
     needs:
       - tests