Scan Latest Two Semantically Versioned Docker Image Tags with ORT #18

	name: Vulnerability_Scan_Latest

	on:
	schedule:
	- cron: "0 14 * * 1" # Works on each Monday 14:00 UTC
	workflow_dispatch:

	jobs:
	prepare:
	runs-on: ubuntu-latest
	outputs:
	latest_tags: ${{ steps.set_output.outputs.latest_tags }}
	steps:
	- name: Checkout Repository
	uses: actions/checkout@v3

	- name: Fetch Tags
	id: fetch_tags
	run: \|
	echo "Fetching tags from Docker Hub..."
	# Example command, replace with actual command to fetch tags
	echo "::set-output name=tags::v2.0.0,v1.1.2,v1.1.1,v1.1.0,v1.0.1,v1.0.0"

	- name: Determine Latest Tags
	id: set_output
	run: \|
	TAGS="${{ steps.fetch_tags.outputs.tags }}"
	IFS=',' read -r -a tag_array <<< "$TAGS"
	declare -A latest_versions

	for tag in "${tag_array[@]}"; do
	version="${tag//v/}"
	major=$(echo "$version" \| cut -d'.' -f1)
	minor=$(echo "$version" \| cut -d'.' -f2)
	key="${major}.${minor}"

	if [[ -z "${latest_versions[$key]}" ]] \|\| [[ "${tag//v/}" > "${latest_versions[$key]//v/}" ]]; then
	latest_versions[$key]="$tag"
	fi
	done

	latest_tags=$(IFS=,; echo "${latest_versions[*]}")
	echo "::set-output name=latest_tags::$latest_tags"

	scan:
	needs: prepare
	runs-on: ubuntu-latest
	steps:
	- name: Scan Docker Images with Trivy
	run: \|
	LATEST_TAGS="${{ needs.prepare.outputs.latest_tags }}"
	IFS=',' read -r -a tags <<< "$LATEST_TAGS"
	for tag in "${tags[@]}"; do
	IMAGE="ghcr.io/genomicdatainfrastructure/gdi-userportal-frontend:$tag"
	echo "Scanning $IMAGE"
	docker run --rm aquasec/trivy:latest image --severity CRITICAL,HIGH --exit-code 1 "$IMAGE"
	done

Provide feedback