add tests for dataset reference #139

	name: build and scan PR container
	on:
	pull_request:
	jobs:
	build:
	name: Build PR image
	runs-on: ubuntu-22.04
	permissions:
	contents: read
	packages: write
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: create maven settings.xml
	uses: s4u/[email protected]
	with:
	servers: \|
	[{
	"id":"github-fega-norway",
	"username": "${{github.actor}}",
	"password": "${{ secrets.GITHUB_TOKEN }}"
	}]

	- name: Copy settings.xml to project root
	shell: bash
	run: cp /home/runner/.m2/settings.xml ./settings.xml

	- name: Log in to the Github Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Build container
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./Dockerfile
	push: true
	tags: \|
	ghcr.io/${{ github.repository }}:PR${{ github.event.number }}
	ghcr.io/${{ github.repository }}:sha-${{ github.sha }}
	labels: \|
	org.opencontainers.image.source=${{ github.event.repository.clone_url }}
	org.opencontainers.image.created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
	org.opencontainers.image.revision=${{ github.sha }}

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0
	with:
	image-ref: ghcr.io/${{ github.repository }}:sha-${{ github.sha }}
	format: "sarif"
	hide-progress: true
	ignore-unfixed: true
	output: 'trivy-results.sarif'
	severity: "CRITICAL,HIGH"

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback