From 1b4b5c3d4843659cbf725c4961a5a2c49cead14a Mon Sep 17 00:00:00 2001
From: Sam Leeflang <sam.leeflang@naturalis.nl>
Date: Mon, 28 Oct 2024 14:40:39 +0100
Subject: [PATCH] .4.0: WIP on feature/opends-0.4.0

---
 .github/workflows/build.yaml                  | 11 +++++--
 .github/workflows/cache-trivy.yml             | 31 +++++++++++++++++++
 .../0.4.0/schema/digital-specimen.json        | 14 +++++++++
 3 files changed, 54 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/cache-trivy.yml

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 1deee2c5..16043d43 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -31,20 +31,27 @@ jobs:
       - name: Trivy - List all vulnerabilities
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: ${{ env.REPO_LC }}
+          image-ref: '${{ github.event.repository.name }}'
           format: 'table'
           ignore-unfixed: true
           vuln-type: 'os,library'
+        env:
+          TRIVY_SKIP_DB_UPDATE: true
+          TRIVY_SKIP_JAVA_DB_UPDATE: true
       - name: Trivy - Stop on Severe Vulnerabilities
         uses: aquasecurity/trivy-action@master
+        if: github.event_name == 'pull_request'
         with:
-          image-ref: ${{ env.REPO_LC }}
+          image-ref: '${{ github.event.repository.name }}'
           format: 'table'
           ignore-unfixed: true
           trivyignores: .github/workflows/.trivyignore
           exit-code: '1'
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
+        env:
+          TRIVY_SKIP_DB_UPDATE: true
+          TRIVY_SKIP_JAVA_DB_UPDATE: true
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v4
diff --git a/.github/workflows/cache-trivy.yml b/.github/workflows/cache-trivy.yml
new file mode 100644
index 00000000..792dded5
--- /dev/null
+++ b/.github/workflows/cache-trivy.yml
@@ -0,0 +1,31 @@
+name: Update Trivy Cache
+
+on:
+  schedule:
+    - cron: '0 0 * * *'  # Run daily at midnight UTC
+  workflow_dispatch:  # Allow manual triggering
+
+jobs:
+  update-trivy-db:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
+      - name: Download and extract the Trivy vulnerability DB
+        run: |
+          mkdir -p $GITHUB_WORKSPACE/.cache/trivy/db
+          oras pull ghcr.io/aquasecurity/trivy-db:2
+          tar -xzf db.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/db
+          rm db.tar.gz
+      - name: Download and extract the Trivy Java DB
+        run: |
+          mkdir -p $GITHUB_WORKSPACE/.cache/trivy/java-db
+          oras pull ghcr.io/aquasecurity/trivy-java-db:1
+          tar -xzf javadb.tar.gz -C $GITHUB_WORKSPACE/.cache/trivy/java-db
+          rm javadb.tar.gz
+      - name: Cache Trivy DBs
+        uses: actions/cache/save@v4
+        with:
+          path: ${{ github.workspace }}/.cache/trivy
+          key: cache-trivy-${{ steps.date.outputs.date }}
\ No newline at end of file
diff --git a/data-model/fdo-type/digital-specimen/0.4.0/schema/digital-specimen.json b/data-model/fdo-type/digital-specimen/0.4.0/schema/digital-specimen.json
index 8255a0c4..34278d92 100644
--- a/data-model/fdo-type/digital-specimen/0.4.0/schema/digital-specimen.json
+++ b/data-model/fdo-type/digital-specimen/0.4.0/schema/digital-specimen.json
@@ -122,6 +122,13 @@
         "Chelicerata collection (TSZCh) The Arctic University Museum of Norway"
       ]
     },
+    "ods:livingOrPreserved": {
+      "description": "Whether the specimen is living or preserved",
+      "enum": [
+        "Living",
+        "Preserved"
+      ]
+    },
     "ods:metadataLanguages": {
       "type": "array",
       "description": "The language of the Digital Specimen metadata. Only indicate, not enforced. Recommended to use three letter code from ISO 639-2 codes found on https://id.loc.gov/vocabulary/iso639-2.html",
@@ -379,6 +386,13 @@
         "% biomass"
       ]
     },
+    "dwc:verbatimLabel": {
+      "type": "string",
+      "description": "The content of this term should include no embellishments, prefixes, headers or other additions made to the text. Abbreviations must not be expanded and supposed misspellings must not be corrected. Lines or breakpoints between blocks of text that could be verified by seeing the original labels or images of them may be used. Examples of material entities include preserved specimens, fossil specimens, and material samples. Best practice is to use UTF-8 for all characters",
+      "examples": [
+        "ILL: Union Co. Wolf Lake by Powder Plant Bridge. 1 March 1975 Coll. S. Ketzler, S. Herbert\n\nMonotoma longicollis 4 ♂ Det TC McElrath 2018\n\nINHS Insect Collection 456782"
+      ]
+    },
     "dwc:dynamicProperties": {
       "type": "string",
       "description": "A list of additional measurements, facts, characteristics, or assertions about the record. Meant to provide a mechanism for structured content",