From 7affe70fac7c7bf42e61ab405c6fede9c14a7c2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Busse?=
Date: Thu, 11 Jan 2024 00:10:37 +0100
Subject: [PATCH] CI: Add image to scan
---
 .github/workflows/setup-cluster.yml | 2 ++
 .github/workflows/vulnerability-scan.yml | 9 ++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/setup-cluster.yml b/.github/workflows/setup-cluster.yml
index 27fc3fe..86ba7b0 100644
--- a/.github/workflows/setup-cluster.yml
+++ b/.github/workflows/setup-cluster.yml
@@ -19,6 +19,8 @@ jobs:
 steps:
 - name: Checkout code
 uses: actions/checkout@v3
+ - name: Install podman
+ run: sudo apt install podman -y
 - name: Start minikube
 id: minikube
 uses: medyagh/setup-minikube@latest
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
index 96b8fe5..1bf8d15 100644
--- a/.github/workflows/vulnerability-scan.yml
+++ b/.github/workflows/vulnerability-scan.yml
@@ -7,7 +7,7 @@ on:
 jobs:
 build:
- name: Build
+ name: Scan images
 runs-on: ubuntu-20.04
 steps:
 - name: Checkout code
@@ -19,3 +19,10 @@ jobs:
 image-ref: 'ghcr.io/bbusse/gtfso-import'
 format: 'sarif'
 output: 'trivy-results.sarif'
+
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@master
+ with:
+ image-ref: 'ghcr.io/bbusse/gtfso-vbb'
+ format: 'sarif'
+ output: 'trivy-results.sarif'
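Review bot: The added `Install podman` step in setup-cluster.yml runs `sudo apt install podman -y` without refreshing the package index first, so on a runner image with a stale index the install can fail or resolve an outdated package. The `apt` front end also warns that its CLI is not stable for scripted use. I would write `run: sudo apt-get update && sudo apt-get install -y podman`. The job's step list continues outside the hunk, so whether a later step actually uses podman cannot be confirmed from here.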
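Review bot: In vulnerability-scan.yml the new Trivy step writes to `output: 'trivy-results.sarif'`, the same path as the existing gtfso-import step, so the second scan overwrites the first report and the gtfso-import findings are lost. Give each step its own file, e.g. `output: 'trivy-results-gtfso-vbb.sarif'`. The hunk has no trailing context, which suggests the workflow ends here with no step that uploads or otherwise consumes the SARIF files, so findings may never be surfaced; worth confirming. Separately, `uses: aquasecurity/trivy-action@master` tracks a mutable branch inside a security workflow. Pinning to a full commit SHA (`aquasecurity/trivy-action@<full-commit-sha>`) keeps an upstream change from silently altering what runs here.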