From ac1e44fc8a4c7452e2458793242f5ad28f774dec Mon Sep 17 00:00:00 2001
From: Mario Trangoni
Date: Mon, 12 Aug 2024 14:46:11 +0200
Subject: [PATCH] CI: Add trivy support
Signed-off-by: Mario Trangoni
---
 .circleci/config.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 7397de1..ece0569 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -100,6 +100,19 @@ jobs:
 else
 docker push $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH
 fi
+ - run:
+ name: Install trivy
+ command: |
+ apk add --update-cache --upgrade curl
+ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
+ - run:
+ name: Scan the local image with trivy
+ command: |
+ if [ -n "$CIRCLE_TAG" ]; then
+ trivy image --exit-code 0 --no-progress $DOCKER_IMAGE_NAME:latest
+ else
+ trivy image --exit-code 0 --no-progress docker push $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH
+ fi
 release:
 executor: golang
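Review bot: In the `else` branch of the scan step the command reads `trivy image --exit-code 0 --no-progress docker push $DOCKER_IMAGE_NAME:$CIRCLE_BRANCH`; the `docker push` looks like a copy-paste leftover from the step above, so on branch builds trivy is handed `docker` and `push` as arguments instead of the image, and the line should be `trivy image --exit-code 0 --no-progress "$DOCKER_IMAGE_NAME:$CIRCLE_BRANCH"`. The install step pipes `install.sh` from the mutable `main` ref straight into `sh` with no release tag, so every CI run executes whatever that branch holds at the time, presumably with the job's registry credentials still in scope; pin the script URL and the binary to a release, e.g. `... | sh -s -- -b /usr/local/bin <PINNED_TRIVY_TAG>`. Both new steps run after the `docker push` in the preceding step and pass `--exit-code 0`, so findings can never block publication; if that is intended, say so with a comment such as `# report-only: scan runs after push and never fails the build`. The enclosing job starts above the hunk.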