Skip to content

Commit

Permalink
.4.0: WIP on feature/opends-0.4.0
Browse files Browse the repository at this point in the history
  • Loading branch information
samleeflang committed Oct 28, 2024
1 parent 3fab9cc commit 1b4b5c3
Show file tree
Hide file tree
Showing 3 changed files with 54 additions and 2 deletions.
11 changes: 9 additions & 2 deletions .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,20 +31,27 @@ jobs:
- name: Trivy - List all vulnerabilities
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ env.REPO_LC }}
image-ref: '${{ github.event.repository.name }}'
format: 'table'
ignore-unfixed: true
vuln-type: 'os,library'
env:
TRIVY_SKIP_DB_UPDATE: true
TRIVY_SKIP_JAVA_DB_UPDATE: true
- name: Trivy - Stop on Severe Vulnerabilities
uses: aquasecurity/trivy-action@master
if: github.event_name == 'pull_request'
with:
image-ref: ${{ env.REPO_LC }}
image-ref: '${{ github.event.repository.name }}'
format: 'table'
ignore-unfixed: true
trivyignores: .github/workflows/.trivyignore
exit-code: '1'
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
env:
TRIVY_SKIP_DB_UPDATE: true
TRIVY_SKIP_JAVA_DB_UPDATE: true
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
Expand Down
31 changes: 31 additions & 0 deletions .github/workflows/cache-trivy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
name: Update Trivy Cache

on:
schedule:
- cron: '0 0 * * *' # Run daily at midnight UTC
workflow_dispatch: # Allow manual triggering

jobs:
update-trivy-db:
runs-on: ubuntu-latest
steps:
- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
- name: Download and extract the Trivy vulnerability DB
run: |
mkdir -p $GITHUB_WORKSPACE/.cache/trivy/db
oras pull ghcr.io/aquasecurity/trivy-db:2
tar -xzf db.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/db
rm db.tar.gz
- name: Download and extract the Trivy Java DB
run: |
mkdir -p $GITHUB_WORKSPACE/.cache/trivy/java-db
oras pull ghcr.io/aquasecurity/trivy-java-db:1
tar -xzf javadb.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/java-db
rm javadb.tar.gz
- name: Cache Trivy DBs
uses: actions/cache/save@v4
with:
path: ${{ github.workspace }}/.cache/trivy
key: cache-trivy-${{ steps.date.outputs.date }}
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,13 @@
"Chelicerata collection (TSZCh) The Arctic University Museum of Norway"
]
},
"ods:livingOrPreserved": {
"description": "Whether the specimen is living or preserved",
"enum": [
"Living",
"Preserved"
]
},
"ods:metadataLanguages": {
"type": "array",
"description": "The language of the Digital Specimen metadata. Only indicate, not enforced. Recommended to use three letter code from ISO 639-2 codes found on https://id.loc.gov/vocabulary/iso639-2.html",
Expand Down Expand Up @@ -379,6 +386,13 @@
"% biomass"
]
},
"dwc:verbatimLabel": {
"type": "string",
"description": "The content of this term should include no embellishments, prefixes, headers or other additions made to the text. Abbreviations must not be expanded and supposed misspellings must not be corrected. Lines or breakpoints between blocks of text that could be verified by seeing the original labels or images of them may be used. Examples of material entities include preserved specimens, fossil specimens, and material samples. Best practice is to use UTF-8 for all characters",
"examples": [
"ILL: Union Co. Wolf Lake by Powder Plant Bridge. 1 March 1975 Coll. S. Ketzler, S. Herbert\n\nMonotoma longicollis 4 ♂ Det TC McElrath 2018\n\nINHS Insect Collection 456782"
]
},
"dwc:dynamicProperties": {
"type": "string",
"description": "A list of additional measurements, facts, characteristics, or assertions about the record. Meant to provide a mechanism for structured content",
Expand Down

0 comments on commit 1b4b5c3

Please sign in to comment.