From ae31eddf3abc647fc3e000d06a495ef73b6e444f Mon Sep 17 00:00:00 2001
From: Saku K <6057704+saku-koodari@users.noreply.github.com>
Date: Wed, 8 Jan 2025 15:46:47 +0200
Subject: [PATCH] feat(.github): add trivy to pipeline

---
 .github/workflows/build.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 15f79c73..13e29be6 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -149,6 +149,18 @@ jobs:
       - name: Check formatting
         run: ./scripts/check-formatting.sh
 
+  security_scan:
+    name: Security scan with trivy
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v4
+      - name: Scan with trivy
+        uses: aquasecurity/trivy-action@0.28.0
+        with:
+          scan-type: "fs"
+          scan-ref: "."
+          trivy-config: trivy.yaml
+
   build_image:
     name: Build image
     runs-on: ubuntu-24.04