sigs.k8s.io/cluster-api-provider-azure@v1.17.0/.github/workflows/scan.yml (about) 1 name: scan-images 2 3 on: 4 schedule: 5 - cron: "0 12 * * 1" 6 7 # Remove all permissions from GITHUB_TOKEN except metadata. 8 permissions: {} 9 10 jobs: 11 scan: 12 name: Trivy 13 runs-on: ubuntu-latest 14 steps: 15 - name: Harden Runner 16 uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 17 with: 18 egress-policy: audit 19 20 - name: Check out code 21 uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag=v4.1.7 22 - name: Setup go 23 uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 24 with: 25 go-version: 1.22 26 - name: Run verify container script 27 run: make verify-container-images