name: Trivy

on:
  push:

jobs:
  test:
    runs-on: docker

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install system dependencies
        run: |
          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends wget gnupg
          wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | tee /usr/share/keyrings/trivy.gpg > /dev/null
          echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | tee -a /etc/apt/sources.list.d/trivy.list
          apt-get update
          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends trivy

      - name: Run trivy
        run: |
          trivy fs --ignore-unfixed --format table --disable-telemetry .