.github/workflows/trivy-scan.yml

name: Trivy

on:
  workflow_dispatch:
  schedule:
    - cron: '30 20 * * *'

jobs:
  ubuntu-build:
    name: Build on Ubuntu
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
          java-version: 17.0.7

      - name: Set Up Ballerina
        uses: ballerina-platform/setup-ballerina@v1.1.0
        with:
          version: latest

      - name: Build with Gradle
        env:
          packageUser: ${{ github.actor }}
          packagePAT: ${{ secrets.GITHUB_TOKEN }}
        run: ./gradlew build -x check -x test -x :azure-service-bus-examples:build

      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'rootfs'
          scan-ref: '.'
          skip-dirs: 'gradle/'
          format: 'table'
          timeout: '10m0s'
          exit-code: '1'