removes trivy

kyma-project · Nov 7, 2024 · b310881 · b310881
1 parent 415641f
commit b310881
Showing 1 changed file with 1 addition and 60 deletions.
diff --git a/.github/workflows/build_kim.yaml b/.github/workflows/build_kim.yaml
@@ -25,9 +25,6 @@ on:
       - .gitignore
       - "**.md"
 
-env:
-  trivy-table: trivy-table.txt
-
 permissions:
   id-token: write # This is required for requesting the JWT token
   contents: read # This is required for actions/checkout
@@ -53,49 +50,6 @@ jobs:
         if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && github.event_name == 'push'
         run: echo "latest=latest" >> $GITHUB_OUTPUT
 
-  trivy:
-    permissions:
-      contents: read
-    runs-on: "ubuntu-20.04"
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.ref }}
-          repository: ${{ github.event.pull_request.head.repo.full_name }}
-
-      - name: Install trivy
-        run: |
-          mkdir ./trivy
-          curl -L https://github.com/aquasecurity/trivy/releases/download/v0.49.1/trivy_0.49.1_Linux-64bit.tar.gz | tar xvz --directory=./trivy
-          ./trivy/trivy --version
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.24.0
-        with:
-          scan-type: "fs"
-          scan-ref: "."
-
-          exit-code: 1
-          severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
-          ignore-unfixed: false
-          timeout: "5m0s"
-          vuln-type: "os,library"
-
-          format: table
-          output: ${{ env.trivy-table }}
-
-      - name: Upload trivy table
-        if: success() || failure()
-        uses: actions/upload-artifact@v4
-        with:
-          name: ${{ env.trivy-table }}
-          path: ${{ env.trivy-table }}
-
-      - name: Print trivy table
-        if: success() || failure()
-        run: "test -f ${{ env.trivy-table }} && cat ${{ env.trivy-table }} || echo ':: no data ::'"
-
   build-image:
     needs: setup
     uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main
@@ -109,26 +63,13 @@ jobs:
 
   summary:
     runs-on: ubuntu-latest
-    needs: [build-image, trivy]
+    needs: [build-image]
     if: success() || failure()
     steps:
-      - name: "Download trivy log"
-        uses: actions/download-artifact@v4
-        continue-on-error: true
-        with:
-          name: ${{ env.trivy-table }}
       - name: "Generate summary"
         run: |
           {
             echo '# Kyma Infrastructure Manager'
-            # if trivy results table exists
-            if [ -f ${{ env.trivy-table }} ]; then
-              echo '## Trivy'
-              printf '\n```txt\n'
-              cat ${{ env.trivy-table }}
-              printf '\n```\n'
-            fi
-
             # if build-image was successful
             if [ "${{ needs.build-image.result }}" == "success" ]; then
               printf '\n\n## Image\n'