.github/workflows/scan_image.yml

# This workflow will scan the created docker images at scheduled time and create issue if vulnerability is found
name: Vulnerability Scan

on:
  schedule:
    - cron: '30 5 * * 0'

jobs:
  scan:
    name: Daily Vulnerability Scan
    runs-on: ubuntu-latest
    steps:
      - name: Pull docker images
        run: |
          docker pull digite/kairon-api
          docker pull digite/kairon-ui
          docker pull digite/kairon-action-server
          docker pull digite/kairon-history-server
          docker pull digite/kairon-script-runner
          docker pull digite/kairon-chat
          docker pull digite/kairon-paraphrase
          docker pull digite/kairon-qg
      - uses: Azure/container-scan@v0.1
        name: Scanning api image
        with:
          image-name: digite/kairon-api
      - uses: Azure/container-scan@v0.1
        name: Scanning ui image
        with:
          image-name: digite/kairon-ui
      - uses: Azure/container-scan@v0.1
        name: Scanning action image
        with:
          image-name: digite/kairon-action-server
      - uses: Azure/container-scan@v0.1
        name: Scanning script runner image
        with:
          image-name: digite/kairon-script-runner
      - uses: Azure/container-scan@v0.1
        name: Scanning history image
        with:
          image-name: digite/kairon-history-server
      - uses: Azure/container-scan@v0.1
        name: Scanning chat image
        with:
          image-name: digite/kairon-chat
      - uses: Azure/container-scan@v0.1
        name: Scanning paraphrase image
        with:
          image-name: digite/kairon-paraphrase
      - uses: Azure/container-scan@v0.1
        name: Scanning question generation image
        with:
          image-name: digite/kairon-qg