fix: disable trivy scans

SocialGouv · Sep 24, 2024 · 72090fc · 72090fc
1 parent 713775b
commit 72090fc
Show file tree

Hide file tree

Showing 12 changed files with 0 additions and 228 deletions.
diff --git a/.github/workflows/use-ks-gh-preproduction.yaml b/.github/workflows/use-ks-gh-preproduction.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -60,19 +57,3 @@ jobs:
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-production.yaml b/.github/workflows/use-ks-gh-production.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -60,19 +57,3 @@ jobs:
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-review-auto.yaml b/.github/workflows/use-ks-gh-review-auto.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -60,19 +57,3 @@ jobs:
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    if: ${{ ! inputs.disableTrivyScans }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-review.yaml b/.github/workflows/use-ks-gh-review.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -60,19 +57,3 @@ jobs:
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-with-env-preproduction.yaml b/.github/workflows/use-ks-gh-with-env-preproduction.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -62,19 +59,3 @@ jobs:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
           github-env-enabled: true
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-with-env-production.yaml b/.github/workflows/use-ks-gh-with-env-production.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -62,19 +59,3 @@ jobs:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
           github-env-enabled: true
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    if: ${{ ! inputs.disableTrivyScans }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-with-env-review-auto.yaml b/.github/workflows/use-ks-gh-with-env-review-auto.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -62,19 +59,3 @@ jobs:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
           github-env-enabled: true
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-gh-with-env-review.yaml b/.github/workflows/use-ks-gh-with-env-review.yaml
@@ -14,9 +14,6 @@ on:
       kubeconfigContext:
         required: false
         type: string
-      disableTrivyScans:
-        required: false
-        type: boolean
 
 jobs:
   deploy:
@@ -62,19 +59,3 @@ jobs:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
           provider: ${{ steps.deployment.outputs.provider }}
           github-env-enabled: true
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-wh-preproduction.yaml b/.github/workflows/use-ks-wh-preproduction.yaml
@@ -8,9 +8,6 @@ on:
         required: false
         type: boolean
         default: true
-      disableTrivyScans:
-        required: false
-        type: boolean
     secrets:
       KUBEWEBHOOK_TOKEN:
         required: true
@@ -52,19 +49,3 @@ jobs:
             ${{ steps.deployment-starting.outputs.deployment-name }}
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    if: ${{ ! inputs.disableTrivyScans }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-wh-production.yaml b/.github/workflows/use-ks-wh-production.yaml
@@ -8,9 +8,6 @@ on:
         required: false
         type: boolean
         default: true
-      disableTrivyScans:
-        required: false
-        type: boolean
     secrets:
       KUBEWEBHOOK_TOKEN:
         required: true
@@ -52,19 +49,3 @@ jobs:
             ${{ steps.deployment-starting.outputs.deployment-name }}
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-wh-review-auto.yaml b/.github/workflows/use-ks-wh-review-auto.yaml
@@ -8,9 +8,6 @@ on:
         required: false
         type: boolean
         default: true
-      disableTrivyScans:
-        required: false
-        type: boolean
     secrets:
       KUBEWEBHOOK_TOKEN:
         required: true
@@ -52,19 +49,3 @@ jobs:
             ${{ steps.deployment-starting.outputs.deployment-name }}
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    runs-on: ubuntu-latest
-    if: ${{ ! inputs.disableTrivyScans }}
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/use-ks-wh-review.yaml b/.github/workflows/use-ks-wh-review.yaml
@@ -8,9 +8,6 @@ on:
         required: false
         type: boolean
         default: true
-      disableTrivyScans:
-        required: false
-        type: boolean
     secrets:
       KUBEWEBHOOK_TOKEN:
         required: true
@@ -52,19 +49,3 @@ jobs:
             ${{ steps.deployment-starting.outputs.deployment-name }}
           deployment-ok:
             ${{ steps.deployment.outcome == 'success' && 'true' || 'false' }}
-
-  trivy:
-    name: 🕵️ Trivy vulnerability scanner
-    needs: [deploy]
-    if: ${{ ! inputs.disableTrivyScans }}
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      max-parallel: 3
-      matrix:
-        imageRef: ${{ fromJson(needs.deploy.outputs.manifests-images) }}
-    steps:
-      - uses: socialgouv/workflows/actions/trivy-scan-image@v1
-        with:
-          image: ${{ matrix.imageRef }}
-          token: ${{ secrets.GITHUB_TOKEN }}